[Openid-specs-ab] Issue #1606: Relax behaviour around automatic client registration to permit other usecases (openid/connect)
Tobias Looker
issues-reply at bitbucket.org
Tue Aug 23 00:15:52 UTC 2022
New issue 1606: Relax behaviour around automatic client registration to permit other usecases
https://bitbucket.org/openid/connect/issues/1606/relax-behaviour-around-automatic-client
Tobias Looker:
The federation specification defines a useful way for a client to avoid explicit registration by using a client id that is resolvable to the clients metadata. This mechanism even though it is defined in the federation spec has applications beyond just federation for instance within the OIDC4SSI. The issue is that the current text in the federation spec is quite restrictive around other characteristics that a client must have to support automatic registration, namely using the signed request object with a key appropriately associated back to the clients metadata. The suggestion is that the usage of the signed request and key validation to the clients metadata should be an option \(and probably required for federation usecases\) but not required for all clients wanting to use automatic registration for other purposes.
More information about the Openid-specs-ab
mailing list