I was reviewing the Dynamic Client Registration spec, and I think I found a typo. The example says "expires_in" but the definition says "expires_at"...
2.2. Client Registration Response
expires_at REQUIRED. The number of seconds from 1970-01-01T0:0:0Z as measured in UTC that the client_id and client_secret will expire or 0 if they do not expire. See RFC 3339 [RFC3339] for details regarding date/times in general and UTC in particular. Following is a non-normative example response:
HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-store
"client_secret":"cf136dc3c1fd9153029bb9c6cc9ecead918bad9887fce6c93f31185e5885805d", "expires_in":3600 }
- Mike Schwartz Gluu