CIBA: Require presence of jwks_uri conditionally
Issue #112
resolved
The page 6 of the 6th draft (draft-mobile-client-initiated-backchannel-authentication-06) says:
it MUST check if a valid "jwks_uri" is set when the backchannel request grant type is present"
Because OpenID Provider implementations don't always support "pairwise", it will be better to add a condition like
if the OpenID Provider supports "pairwise"
Comments (7)
-
-
The whole selection maybe needs to be updated to reflect the 3 modes now. I think it all applies to both poll and ping.
-
Yep - we need an update. Because ping mode clients can also just poll we need the same requirements around client auth.
-
-
assigned issue to
-
assigned issue to
-
Discussed during the Nov 13 MODRNA WG call and there was general consensus to clarify and update the section in question.
-
-
- changed status to resolved
Merged pull request
- Log in to comment
I think condition is also qualified by if the client is registering with subject_type of pairwise.
But isn't it already qualified by the fact that it's in a section that's dedicated to discussing pairwise identifiers?