[Openid-specs-fapi] Issue #458: FAPI1 Part1: not clear as to which auth flows are supported (openid/fapi)
Kosuke Koiwai
issues-reply at bitbucket.org
Sun Nov 14 03:08:25 UTC 2021
New issue 458: FAPI1 Part1: not clear as to which auth flows are supported
https://bitbucket.org/openid/fapi/issues/458/fapi1-part1-not-clear-as-to-which-auth
Kosuke Koiwai:
In Issue #11, Nat says “PKCE or Hybrid Flow is mandated in Part 1,“ but I couldn’t read it from the spec.
Does “shall support PCKE” means “shall not use implicit flow?”
Part2 has been already covered in Issue #72.
### 5.2.3. Public client
1. shall support [RFC7636](https://tools.ietf.org/html/rfc7636);
2. shall use `S256` as the code challenge method for the [RFC7636](https://tools.ietf.org/html/rfc7636);
More information about the Openid-specs-fapi
mailing list