Signed and encrypted request
- Former user (Deleted)
Owned by Former user (Deleted)
Client registration parameters "request_object_signing_alg", "request_object_encryption_alg" and "request_object_encryption_enc" control if provider if client must send signed and encrypted authorization request and what algorithms client is expected to use.
JWT Secured Authorization Request (JAR)
Registration parameters
| Name | Description |
|---|---|
| request_object_signing_alg | |
| request_object_encryption_alg | |
| request_object_encryption_enc |
Parameters
| Name | Description |
|---|---|
| request | Request object passed by value |
JWT Claims
The JWT contains as claims all authorization request parameters, including response_type, client_id, redirect_uri etc. In addition the following JWT parameters are required
| Name | Description |
|---|---|
| iss | Issuer Matches client_id of client |
| aud | Audience Matches issuer identifier |