Part 2: Clarify that servers 'may' support the request object endpoint
Joseph Heenan
Branch: josephheenan/fapi:request-object-endpoint-clarification
Branch: openid/fapi:master
Merged
Merged pull request
Merged in josephheenan/fapi/request-object-endpoint-clarification (pull request #55)
I've had several queries as to whether request object endpoint support is required in the AS or not over the last few months. I don't think the current language is clear, so I have added an explicit clause to the authorisation server requirements sections.
Also a minor cleanup to remove the 'and' for this set of clauses to the correct place.