Part 1 'require the redirect_uri parameter' could have a better wording
Issue #317
resolved
This text in FAPI-R, https://bitbucket.org/openid/fapi/annotate/master/Financial_API_WD_001.md?at=master&fileviewer=file-view-default#Financial_API_WD_001.md-159
shall require the `redirect_uri` parameter in the authorization request;
can be read as the AS needing to require the redirect_uri specifically in a url parameter (rather than in a request object), which combines badly with PAR/JAR where you definitely don’t need to require it in a url parameter to the authorization endpoint. I’m pretty sure the intent is just that the redirect uri is explicitly stated somewhere, possibly we should tweak the language if we can find a better wording.
Comments (10)
-
reporter
-
reporter
- changed status to open
-
reporter
-
assigned issue to
Joseph Heenan
-
assigned issue to
-
-
assigned issue to
Dave Tonge
-
assigned issue to
-
- changed status to resolved
Already fixed
-
- changed component to Part 1: Baseline
-
- changed component to FAPI 1 - Part 1: Baseline
-
- changed component to FAPI 1 – Part 1: Baseline
-
- changed component to FAPI 1 – Baseline
-
- changed component to FAPI 1: Baseline
- Log in to comment
Dave suggested just removing ‘parameter’. Seemed to be a consensus on that on today’s call.