Page tree
Skip to end of metadata
Go to start of metadata

Client registration parameters "request_object_signing_alg", "request_object_encryption_alg" and "request_object_encryption_enc" control if provider if client must send signed and encrypted authorization request and what algorithms client is expected to use.

JWT Secured Authorization Request (JAR)

Registration parameters

NameDescription
request_object_signing_alg


request_object_encryption_alg
request_object_encryption_enc

Parameters

NameDescription
requestRequest object passed by value

JWT Claims

The JWT contains as claims all authorization request parameters, including response_type, client_id, redirect_uri etc. In addition the following JWT parameters are required

NameDescription
iss

Issuer

Matches client_id of client

aud

Audience

Matches issuer identifier

References

  • No labels