Signed and encrypted request - SSO

Client registration parameters "request_object_signing_alg", "request_object_encryption_alg" and "request_object_encryption_enc" control if provider if client must send signed and encrypted authorization request and what algorithms client is expected to use.

JWT Secured Authorization Request (JAR)

Registration parameters

NameDescription
request_object_signing_alg


request_object_encryption_alg
request_object_encryption_enc

Parameters

NameDescription
requestRequest object passed by value

JWT Claims

The JWT contains as claims all authorization request parameters, including response_type, client_id, redirect_uri etc. In addition the following JWT parameters are required

NameDescription
iss

Issuer

Matches client_id of client

aud

Audience

Matches issuer identifier

References

This web page (including any attachments) may contain confidential, proprietary, or privileged information – not for disclosure without authorization from Ubisecure Inc. Copyright © 2024. All Rights Reserved.