- edited description
-
assigned issue to
- changed title to Registration - 2.1 Inconsistency in type and client_[id/secret] parameters
Registration - 2.1 Inconsistency in type and client_[id/secret] parameters
Issue #639
resolved
Registration §2.1 [1] defines the params and, under type, has "if rotate_secret is used no additional parameters other than client_id and client_secret should be included in the request" but client_id and client_secret both just say "Used with client_update" and don't mention rotate_secret.
http://openid.net/specs/openid-connect-registration-1_0.html#anchor3
Comments (3)
-
-
reporter There's been talk of restructuring this doc but, in the current structure, just add "and rotate_secret" after client_update in the client_id and client_secret definitions.
-
- changed status to resolved
Fixes
#639Changed 2.1 to only allow access_token as a parameter if type is rotate_secret - Log in to comment