Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update private key JWT audience logic for PAR endpoint #983

Closed
brockallen opened this issue Jul 22, 2022 · 3 comments
Closed

Update private key JWT audience logic for PAR endpoint #983

brockallen opened this issue Jul 22, 2022 · 3 comments
Assignees
@josephdecock
Labels
internal
Milestone
7.0.0

Comments

@brockallen
Copy link
Member

To allow for issuer name, token endpoint, and/or PAR endpoint.

https://datatracker.ietf.org/doc/html/rfc9126#section-2
@brockallen brockallen added this to the 6.2.0 milestone Jul 22, 2022
@brockallen brockallen modified the milestones: 6.2.0, 6.3.0 Oct 19, 2022
@brockallen
Copy link
Member Author

brockallen commented Jan 10, 2023
edited

Due to historical reasons, there is potential ambiguity regarding the appropriate audience value to use when employing JWT client assertion-based authentication (defined in Section 2.2 of [RFC7523] with private_key_jwt or client_secret_jwt authentication method names per Section 9 of [OIDC]). To address that ambiguity, the issuer identifier URL of the authorization server according to [RFC8414] SHOULD be used as the value of the audience. In order to facilitate interoperability, the authorization server MUST accept its issuer identifier, token endpoint URL, or pushed authorization request endpoint URL as values that identify it as an intended audience.

And CIBA endpoint

@brockallen brockallen self-assigned this Jan 10, 2023
@brockallen brockallen mentioned this issue Jan 26, 2023
Merged
@brockallen brockallen modified the milestones: 6.3.0, 7.x Jan 26, 2023
@brockallen
Copy link
Member Author

Moved to 7.0 for when we add the PAR endpoint.

@brockallen brockallen changed the title Update private key JWT audience logic Update private key JWT audience logic for PAR endpoint May 30, 2023
@brockallen brockallen mentioned this issue May 30, 2023
Closed
@brockallen brockallen assigned josephdecock and unassigned brockallen Jun 1, 2023
@josephdecock
Copy link
Member

josephdecock commented Oct 30, 2023
edited

This was finished in #1424.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@josephdecock josephdecock

Labels
internal
Projects
None yet
Milestone
7.0.0
Development

No branches or pull requests
2 participants
@brockallen @josephdecock