Registration 2.2.2 - Delete rotate_secret operation

Issue #745 resolved
Michael Jones created an issue

The rotate_secret operation was invented in OpenID Connect registration at a time that clients were authenticating to the registration endpoint using the client secret. If the secret was being changed, in the event of a communication failure, the client could be left without a working client secret. This is no longer the case, since we’re now using OAuth Bearer Tokens to authenticate to the registration endpoint.

Comments (2)

  1. Log in to comment