Re: [keycloak-dev] OAuth2 JWT Secured Authorization Request (JAR)
There is a spec for this already .... An OIDC one
https://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html.
On Thu, Feb 16, 2017 at 1:18 PM, Bill Burke <bburke(a)redhat.com> wrote:
I'm sure they'll create a POST binding next because the URLs
will be too
big.
On 2/16/17 10:07 AM, Pedro Igor Silva wrote:
> Really interesting spec to improve security to authorization requests [1]
> sent to a AS.
>
> Any similarity with SAML is just coincidence :)
>
> [1] https://datatracker.ietf.org/doc/draft-ietf-oauth-jwsreq
>
> Regards.
> Pedro Igor
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev