Signed and encrypted request - SSO
Client registration parameters "request_object_signing_alg", "request_object_encryption_alg" and "request_object_encryption_enc" control if provider if client must send signed and encrypted authorization request and what algorithms client is expected to use.
JWT Secured Authorization Request (JAR)
Registration parameters
Name | Description |
|---|---|
request_object_signing_alg | |
request_object_encryption_alg | |
request_object_encryption_enc |
Parameters
Name | Description |
|---|---|
request | Request object passed by value |
JWT Claims
The JWT contains as claims all authorization request parameters, including response_type, client_id, redirect_uri etc. In addition the following JWT parameters are required
Name | Description |
|---|---|
iss | Issuer Matches client_id of client |
aud | Audience Matches issuer identifier |