[Openid-specs-ab] request_uris parameter of Dynamic Client Registration
Chuck Mortimore
cmortimore at salesforce.com
Wed Nov 26 21:19:14 UTC 2014
I don't think jwks_uri should be used as an identifier for. For many
large providers this key URL might be common across multiple tenants, and
hence cannot be used to uniquely identify a client. In addition, many
providers may not choose to use URLs for their keys.
client_id really should be how clients are identified
On Wed, Nov 26, 2014 at 1:02 PM, Mike Schwartz <mike at gluu.org> wrote:
> On 2014-11-26 14:23, John Bradley wrote:
>
> I think I recommended using the jwks_uri in registration for the
>> client to publish an endpoint for it’s keys if it is going to rotate
>> them.
>>
>>
> jwks_uri is a great idea...
>
> To update the client secret, a new client is registered with the same
> jwks_uri?
>
> And "Sector Identifier" also looks very interesting. Good point Mike
> Jones...
>
> - Mike Schwartz
> Gluu
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20141126/e4f9d3a3/attachment.html>
More information about the Openid-specs-ab
mailing list