openid / connect / issues / #383 - Messages - 2.2.1 client_secret_jwt and private_key_jwt authentication methods — Bitbucket

Issue #383 resolved

Edmund Jay created an issue 2011-12-01

The current draft only allows the authentication to be used in a POST method. Should it be allowed to used the Header method also? Perhaps we should mention section 2.1 and 2.2 of Bearer Tokens?

Comments (3)

John Bradley
The reference is to http://tools.ietf.org/html/draft-jones-oauth-jwt-bearer-01#section-2.2

Perhaps directly referencing http://tools.ietf.org/html/draft-ietf-oauth-assertions-01#section-4.1 could be added, but too many references is also confusing.

This is not about the OAuth Bearer Token profile.
- 2011-12-01T02:15:37+00:00
John Bradley
re ~~#383~~ add reference to I-D.ietf.oauth-assertions.

→ b27c7c12f5e9
- 2011-12-01T02:35:20+00:00
John Bradley
- assigned issue to
  
  John Bradley
- changed status to resolved
Addition of reference to assertion profile clarifies.
- 2011-12-03T02:21:04+00:00
Log in to comment

Assignee: John Bradley

Type: bug

Priority: major

Status: resolved

Component: –

Milestone: –

Version: –

Votes: 0

Watchers: 0

Jira Software: the preferred issue tracker for Bitbucket. Join the team!