- changed status to open
SIOP response_types_supported
Issue #1771
resolved
https://openid.net/specs/openid-connect-self-issued-v2-1_0-12.html#section-6.1-6.3.1
Says that AS/OP response_types_supported
metadata is “A JSON array of strings representing supported response types. MUST be id_token
”. An array can’t be a string but more importantly this reads as though it precludes other response types like authorization code that are discussed elsewhere in the document as being usable.
Is this intentional?
Should it rather say something like “MUST include id_token”?
Comments (2)
-
-
- changed status to resolved
PR merged
- Log in to comment
PR #397
Static SIOP metadata already says: