[Openid-specs-ab] request_uris parameter of Dynamic Client Registration

Chuck Mortimore cmortimore at salesforce.com
Wed Nov 26 21:19:14 UTC 2014


I don't think jwks_uri should be used as an identifier for.    For many
large providers this key URL might be common across multiple tenants, and
hence cannot be used to uniquely identify a client.   In addition, many
providers may not choose to use URLs for their keys.

client_id really should be how clients are identified

On Wed, Nov 26, 2014 at 1:02 PM, Mike Schwartz <mike at gluu.org> wrote:

> On 2014-11-26 14:23, John Bradley wrote:
>
>  I think I recommended using the jwks_uri in registration for the
>> client to publish an endpoint for it’s keys if it is going to rotate
>> them.
>>
>>
> jwks_uri is a great idea...
>
> To update the client secret, a new client is registered with the same
> jwks_uri?
>
> And "Sector Identifier" also looks very interesting. Good point Mike
> Jones...
>
> - Mike Schwartz
> Gluu
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20141126/e4f9d3a3/attachment.html>


More information about the Openid-specs-ab mailing list