Client registration parameters "request_object_signing_alg", "request_object_encryption_alg" and "request_object_encryption_enc" control if provider if client must send signed and encrypted authorization request and what algorithms client is expected to use.

JWT Secured Authorization Request (JAR)

Registration parameters

Parameters

JWT Claims

The JWT contains as claims all authorization request parameters, including response_type, client_id, redirect_uri etc. In addition the following JWT parameters are required

References

• https://tools.ietf.org/html/draft-ietf-oauth-jwsreq-15
• https://tools.ietf.org/html/rfc7519