[Openid-specs-fapi] Issue #399: OP must accept 'aud' in client assertion as issuer (openid/fapi)

Joseph Heenan issues-reply at bitbucket.org
Wed Mar 31 14:37:03 UTC 2021


New issue 399: OP must accept 'aud' in client assertion as issuer
https://bitbucket.org/openid/fapi/issues/399/op-must-accept-aud-in-client-assertion-as

Joseph Heenan:

See [https://bitbucket.org/openid/fapi/issues/398/new-certification-check-aud-in-client](https://bitbucket.org/openid/fapi/issues/398/new-certification-check-aud-in-client) - it was discussed on today’s call and we felt that we should probably add a normative clause in FAPI2 that requires the OP to access the issuer as the aud for client authentication assertions.




More information about the Openid-specs-fapi mailing list