[Openid-specs-ab] token_endpoint_auth_method Registration example error?
Mike Jones
Michael.Jones at microsoft.com
Wed Jan 23 09:07:29 UTC 2013
Registration contains the following definition:
token_endpoint_auth_method
OPTIONAL. Requested authentication method for the Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 2.2.1 of [OpenID.Messages]. Other Authentication methods may be defined by extension. If unspecified or omitted, the default is client_secret_basic HTTP Basic Authentication Scheme as specified in Section 2.3.1 of [RFC6749].
It later uses "token_endpoint_auth_method" in two example result values in this manner:
"token_endpoint_auth_method":
"client_secret_basic client_secret_post",
This looks like a bug to me, since the string appears to be trying to contain multiple values.
Thus, I'm changing the string used to just "client_secret_basic" to make the example correct. But I thought I'd point this out in case the example may have been intentional in some manner.
-- Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130123/27c5189d/attachment.html>
More information about the Openid-specs-ab
mailing list