-
assigned issue to
- changed status to open
Messages - 3.2.1 client_secret value ambiguous
Issue #195
resolved
client_secret: "If the "secret_type" is "JWT", the value is the JWS [JWS] signature of a JSON object"
It is unclear if the whole JWS is regarded as the signature and value of the client_secret, or just the crypto output part of the JWS.
Also the "S" is JWS I believe stands for "signature", "JWS signature" doesn't sound right.
Comments (2)
-
-
- changed status to resolved
fixes
#195reworked 3.2 - Log in to comment
Will be fixed with the Authentication scheme registered in the Registration.