[Openid-specs-ab] Issue #999: Core - 126.96.36.199 para 3: Clarification proposal (openid/connect)
issues-reply at bitbucket.org
Thu Aug 18 14:48:07 UTC 2016
New issue 999: Core - 188.8.131.52 para 3: Clarification proposal
Paragraph 3 states:
Unless the Redirection URI is invalid, the Authorization Server returns the Client to
the Redirection URI specified in the Authorization Request with the appropriate
error and state parameters. Other parameters SHOULD NOT be returned.
It is ambiguous on what is to be done if the Redirection URI is invalid.
If Redirection URI is invalid, the Authorization Server MUST NOT
return the Client to the Redirection URI provided in the Authorization Request.
More information about the Openid-specs-ab