-
assigned issue to
- changed status to open
Basic 3.2.3 - error response recipient not specified
Issue #69
resolved
Section 3.2.3 says that an "error MUST be returned by the Identity provider". It is not specified whether this should be directed to the user, or a redirect to the client.
It should probably point to OAuth 2 section 4.2.2.1 (the error response for the implicit grant authorization request).
Comments (3)
-
-
Drop this sentence.
-
- changed status to resolved
fixes
#69 - Log in to comment