OPSDIR Review : General - delete semicolors after list items

Issue #48 resolved
Edmund Jay created an issue

The JWT [RFC7519] encoding has been chosen because of

(1) its close relationship with JSON, which is used as OAuth's response format;

(2) its developer friendliness due to its textual nature;

The parameters "request" and "request_uri" are introduced as additional authorization request parameters for the OAuth 2.0 [RFC6749] flows. The "request" parameter is a JSON Web Token (JWT) [RFC7519] whose JWT Claims Set holds the JSON encoded OAuth 2.0 authorization request parameters. This JWT is integrity protected and source authenticated using JWS.

The JWT [RFC7519] can be passed to the authorization endpoint by reference, in which case the parameter "request_uri" is used instead For example, a request can be pre-examined by a third party that all the personal data requested is strictly necessary to perform the process that the end-user asked for, and statically signed by that third party. The client would then send the request along with dynamic parameters such as state. The authorization server then examines the signature and shows the conformance status to the end-user, who would have some assurance as to the legitimacy of the request when authorizing it. In some cases, it may even be desirable to skip the authorization dialogue under such circumstances. [O] ; [P] [R] the semicolons are not necessary -- the list is already separated by lines and letters.

Comments (1)

  1. Log in to comment