[Openid-specs-igov] Client Assertion definition
Justin Richer
jricher at mit.edu
Fri Jan 19 21:04:58 UTC 2018
Good catch, that should be a cross-reference to section 2.3.2 of the OAuth profile:
https://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?Submit=Submit&format=ascii&mode=html&type=ascii&url=https://bitbucket.org/openid/igov/raw/master/openid-igov-oauth2.xml#RequestsToTokenEndpoint <https://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?Submit=Submit&format=ascii&mode=html&type=ascii&url=https://bitbucket.org/openid/igov/raw/master/openid-igov-oauth2.xml#RequestsToTokenEndpoint>
— Justin
> On Jan 19, 2018, at 2:58 PM, Phil Hunt via Openid-specs-igov <openid-specs-igov at lists.openid.net> wrote:
>
> Looking at the iGov profile and in section 2.2 it says…
> client_assertion
> The value of the signed client authentication JWT generated as described below. The RP must generate a new assertion JWT for each call to the token endpoint.
>
> Funny thing, the "JWT as described below" is not to be found.
>
> Phil
>
> Oracle Corporation, Identity Cloud Services Architect
> @independentid
> www.independentid.com <http://www.independentid.com/>phil.hunt at oracle.com <mailto:phil.hunt at oracle.com>
> _______________________________________________
> Openid-specs-igov mailing list
> Openid-specs-igov at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-igov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-igov/attachments/20180119/f6cc47d3/attachment.html>
More information about the Openid-specs-igov
mailing list