Signed and encrypted request - SSO

The client registration parameters "request_object_signing_alg", "request_object_encryption_alg" and "request_object_encryption_enc" control whether the client must send a signed and encrypted authorization request, and which algorithms the client is expected to use.

JWT Secured Authorization Request (JAR)

Registration parameters

| Name | Description |
| --- | --- |
| request_object_signing_alg | |
| request_object_encryption_alg | |
| request_object_encryption_enc | |

Parameters

| Name | Description |
| --- | --- |
| request | Request object passed by value |

JWT Claims

The JWT contains, as claims, all authorization request parameters, including response_type, client_id, redirect_uri, etc. In addition, the following JWT claims are required:

| Name | Description |
| --- | --- |
| iss | Issuer. Matches client_id of client |
| aud | Audience. Matches issuer identifier |
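The checks described above, as an added example that is not part of the original page or the product's own code: a client builds a signed request object and the provider validates it against the client's registered "request_object_signing_alg" and the required iss and aud claims. It assumes HS256 with a shared client secret and leaves encryption out; the issuer URL, client_id, secret and function names are constructed for illustration.

```python
import base64, hashlib, hmac, json

# Constructed sample values (assumptions, not taken from the page).
ISSUER = "https://sso.example.com"
CLIENT = {"client_id": "demo-client", "secret": b"constructed-demo-secret",
          "request_object_signing_alg": "HS256"}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def build_request_object(params: dict, client_id: str, issuer: str, secret: bytes) -> str:
    """Client side: wrap the authorization request parameters in an HS256-signed JWT."""
    header = {"alg": "HS256", "typ": "JWT"}
    claims = dict(params, client_id=client_id, iss=client_id, aud=issuer)
    signing_input = b64url(json.dumps(header).encode()) + "." + b64url(json.dumps(claims).encode())
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(sig)

def validate_request_object(jwt: str, client: dict, issuer: str) -> dict:
    """Provider side: return the verified claims or raise ValueError."""
    try:
        h, p, s = jwt.split(".")
        header = json.loads(b64url_decode(h))
        claims = json.loads(b64url_decode(p))
        sig = b64url_decode(s)
    except ValueError as exc:
        raise ValueError("malformed request object") from exc
    if not (isinstance(header, dict) and isinstance(claims, dict)):
        raise ValueError("malformed request object")
    # The accepted algorithm comes from the registration, not from the JWT header.
    if header.get("alg") != client["request_object_signing_alg"]:
        raise ValueError("alg does not match registered request_object_signing_alg")
    if header["alg"] != "HS256":
        raise ValueError("this example only implements HS256")
    expected = hmac.new(client["secret"], f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    if claims.get("iss") != client["client_id"]:
        raise ValueError("iss must match client_id")
    aud = claims.get("aud")
    if issuer not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("aud must match issuer identifier")
    return claims
```

The resulting JWT is what the client would pass by value in the "request" parameter.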
