- changed status to resolved
Discovery token_endpoint_auth_algs_supported not supporting symmetric algs
Issue #665
resolved
I just noticed that the Provider Configuration Response in Discovery* defines token_endpoint_auth_algs_supported as "A JSON array containing a list of the JWS signing algorithms [JWA] supported by the Token Endpoint for the private_key_jwt method to encode the JWT [JWT]. Servers SHOULD support RS256."
Was that intended to only cover the private_key_jwt asymmetric algorithms? What about algorithms for client_secret_jwt? I didn't see anything about the supported MAC algorithms client_secret_jwt. Is that an accidental omission or is there some reason it's not there that I'm missing?
Thanks, Brian
Comments (1)
-
reporter - Log in to comment
Fixes
#665Add client_secret_jwt to token_endpoint_auth_algs_supported<→ <<cset 3352b79bd59c>>