[Openid-specs-ab] Issue #1701: fix: [Federation] trust_chain parameter in authz request without PAR and JAR (openid/connect)
peppelinux
issues-reply at bitbucket.org
Sat Oct 29 21:00:19 UTC 2022
New issue 1701: fix: [Federation] trust_chain parameter in authz request without PAR and JAR
https://bitbucket.org/openid/connect/issues/1701/fix-federation-trust_chain-parameter-in
Giuseppe De Marco:
In the explanatory text of the parameter trust\_chain, in the authorization request, we say that
> Due to the large size of a Trust Chain it could be necessary to use a [JWT-Secured Authorization Request \(JAR\)](https://openid.bitbucket.io/connect/openid-connect-federation-1_0.html#RFC9101) \[[RFC9101](https://openid.bitbucket.io/connect/openid-connect-federation-1_0.html#RFC9101)\] or [Pushed Authorization Request](https://openid.bitbucket.io/connect/openid-connect-federation-1_0.html#RFC9126) \[[RFC9126](https://openid.bitbucket.io/connect/openid-connect-federation-1_0.html#RFC9126)\].
JAR and PAR ar not necessary because OIDC Core 1.0 allow the HTTP method POST in the Authorization Request
[https://openid.net/specs/openid-connect-core-1\_0.html#AuthRequest](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest)
Responsible: Giuseppe De Marco
More information about the Openid-specs-ab
mailing list