[Openid-specs-ab] Question on Dynamic Registration
Preibisch, Sascha H
Sascha.Preibisch at ca.com
Wed May 31 17:59:25 UTC 2017
Hi all!
A team member and I just had a discussion about dynamic registration. Specifically about this section:
http://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
We are not sure how "response_types" and "grant_types" are expected to be handled. This is not clear to us:
* if a client registers for any other response_type than "code", is the client required to also include a "grant_type"?
* Or is it that the server has to be configured to support the matching grant_type and fail otherwise?
* Should the server return the matching grant_types although the spec. says to return "authorization_code" in the case of being omitted?
It would be great to get some clarification on that.
Thanks,
Sascha
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20170531/e953e5ea/attachment.html>
More information about the Openid-specs-ab
mailing list