March 10, 2017
The OAuth Authorization Server Metadata specification has been updated to incorporate the working group last call feedback received. Thanks to William Denniss and Hannes Tschofenig for their reviews. Use of the “https†scheme for the “jwks_uri†URL is now required. The precedence of signed metadata values over unsigned values was clarified. Unused references were removed.
The specification is available at:
An HTML-formatted version is also available at:
No Comments » Posted under Claims & JSON & OAuth & Specifications
Leave a Reply
You must be logged in to post a comment.
