-
assigned issue to
Specify that Federation endpoints use https scheme
Issue #2041
resolved
Each place we define an endpoint, we should say that the endpoint uses the https
scheme and MAY contain port, path, and query parameter components. We can use this language from OpenID Connect Discovery as an example:
userinfo_endpoint
RECOMMENDED. URL of the OP's UserInfo Endpoint [OpenID.Core]. This URL MUST use the
https
scheme and MAY contain port, path, and query parameter components.
I believe this language should apply to these endpoints: federation_registration_endpoint
, federation_fetch_endpoint
, federation_list_endpoint
, federation_resolve_endpoint
, federation_trust_mark_status_endpoint
, federation_trust_mark_list_endpoint
.
Comments (3)
-
-
-
- changed status to resolved
- Log in to comment