[Openid-specs-fapi] Issue #666: Requiring PAR for authorization code flow (openid/fapi)
M V
issues-reply at bitbucket.org
Fri Jan 12 02:55:43 UTC 2024
New issue 666: Requiring PAR for authorization code flow
https://bitbucket.org/openid/fapi/issues/666/requiring-par-for-authorization-code-flow
Mark Verstege:
Given that PAR is required, should the profile clearly state that the `require_pushed_authorization_requests` property be set to `true`? In RFC9126 the default value for this property is `false`.
This may be a statement in 5.3.1.2. to the effect of
> shall require the `require_pushed_authorization_requests` parameter be set to `true`
More information about the Openid-specs-fapi
mailing list