Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Dynamic Client Registration Support for OpenID Connect #2021
We don't have plans to implement client registration in our core project. The design of core is that it has read-only access to the configuration store (also for minimizing attack surface).
We discussed this before and decided that this would be better implemented in a management library. This does not exist yet and we don't have the resources right now. If you want to start a contrib project - let us know.
that would mean to re-start this repo https://github.com/IdentityServer/IdentityServer3.Admin
open an issue there please that you want to do this. thanks!
I am very happy that I can be part of this. I also need this functionality for one project.
Why can not we put Dynamic Client Registration as an extension to Identity Server 3? Anyway its part of both OAuth and OpenID Connect. Speaking about attack surface, it seams to me that it does not mater much where it is, if this endpoint is enabled the attack surface is the same. It can be part of Identity Server 3, and turned of by default.
Its just small proposal. What do you think Dominick?