[Openid-specs-ab] Question on Dynamic Registration

Preibisch, Sascha H Sascha.Preibisch at ca.com
Wed May 31 17:59:25 UTC 2017


Hi all!

A team member and I just had a discussion about dynamic registration. Specifically about this section:
http://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata

We are not sure how "response_types" and "grant_types" are expected to be handled. This is not clear to us:

  *   if a client registers for any other response_type than "code", is the client required to also include a "grant_type"?
  *   Or is it that the server has to be configured to support the matching grant_type and fail otherwise?
  *   Should the server return the matching grant_types although the spec. says to return "authorization_code" in the case of being omitted?

It would be great to get some clarification on that.

Thanks,
Sascha

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20170531/e953e5ea/attachment.html>


More information about the Openid-specs-ab mailing list