Financial-grade API Security Profile 1.0 - Part 2: Advanced "Example Request Object"
Issue #388
resolved
Section A.1 Example request object is missing the now required nbf claim in the object (both encoded and decoded).
Also, the following section doesn’t seem like it should be part of the final specification. Should it maybe be committed to and linked under an openid account?
The code that generated these examples can be found here:
https://gitlab.com/emobix/fapi-examples
Comments (9)
-
-
reporter
If it’s just for update purposes it could just be an html comment left in there for that someone? I don’t mind leaving it there if it’s a future-proof location under an openid account.
-
- changed status to open
It needs to be either under openid.net which we can control or within the document itself. Usually, we put it in the document itself.
-
- changed status to resolved
Now the link in invisible.
-
"fixes
#388- example A.1 missing required 'nbf' claim"→ <<cset efa46c333484>>
-
Merged in issue_388 (pull request #250)
"fixes
#388- example A.1 missing required 'nbf' claim"Approved-by: Dima Postnikov Approved-by: Dave Tonge Approved-by: Joseph Heenan Approved-by: Nat Sakimura Approved-by: Filip Skokan
→ <<cset 88ce725dabf0>>
-
- changed component to Part 2: Advanced
-
- changed component to FAPI 1 – Part 2: Advanced
-
- changed component to FAPI 1: Advanced
- Log in to comment
Good spot, thanks Filip!
I can move this to https://gitlab.com/openid/fapi-examples pretty easily if that’s better? I don’t mind, my only real goal here was trying to make sure that, if someone other than me ever needs to update the examples, that they can do so without starting from scratch or trying to generate them by hand. (And a secondary goal of trying to make sure I don’t forget how I did it…)