<div dir="auto"><div>This question was sent to the list owner instead of the list. So I am forwarding <br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">---------- Forwarded message ---------<br>From: <strong class="gmail_sendername" dir="auto">Rivindu Madushan</strong> <span dir="auto"><<a href="mailto:rivindu.madushan@gmail.com">rivindu.madushan@gmail.com</a>></span><br>Date: 2023年12月15日(金) 14:37<br>Subject: Support FAPI PAR without JAR(rfc 9101)<br>To: <<a href="mailto:openid-specs-fapi-owner@lists.openid.net">openid-specs-fapi-owner@lists.openid.net</a>><br></div><br><br><div dir="ltr">Hi team,<div><br></div><div>This is regarding the use of Pushed authorization requests according to the FAPI specification.</div><div><br></div><div>According to the specification 5.2.3-8[1], for the authorization request, clients must send all the parameters inside the authorization requests' request object. It doesn't mention about the /par call. As per the PAR specification[2], if the OP supports JAR[3], then all the parameters must be sent inside the request object for the /par call. </div><div><br></div><div>My question is can there be an OP, who supports FAPI while not having the support for JAR(RFC 9101). ie. It expects the client to send the duplicates of the response_type, client_id, and scope parameters in the /par call?</div><div><br></div><div>Highly appreciate your insight on this.</div><div><br></div><div>[1] <a href="https://openid.net/specs/openid-financial-api-part-2-1_0.html#confidential-client" target="_blank" rel="noreferrer">https://openid.net/specs/openid-financial-api-part-2-1_0.html#confidential-client</a></div><div>[2] <a href="https://datatracker.ietf.org/doc/html/rfc9126#name-the-request-request-paramet" target="_blank" rel="noreferrer">https://datatracker.ietf.org/doc/html/rfc9126#name-the-request-request-paramet</a></div><div>[3] <a href="https://datatracker.ietf.org/doc/html/rfc9101" target="_blank" rel="noreferrer">https://datatracker.ietf.org/doc/html/rfc9101</a><br clear="all"><div><br></div><div>Thanks & Regards,</div><div>Rivindu</div></div></div>
</div></div></div>