Re: [keycloak-dev] OAuth2 JWT Secured Authorization Request (JAR)
On 16/02/17 18:32, Pedro Igor Silva wrote:
There is a spec for this already .... An OIDC one
https://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html.
And we already
support that one on keycloak server side (no support in
adapters ATM).
Marek
On Thu, Feb 16, 2017 at 1:18 PM, Bill Burke <bburke(a)redhat.com> wrote:
> I'm sure they'll create a POST binding next because the URLs will be too
> big.
>
>
> On 2/16/17 10:07 AM, Pedro Igor Silva wrote:
>> Really interesting spec to improve security to authorization requests [1]
>> sent to a AS.
>>
>> Any similarity with SAML is just coincidence :)
>>
>> [1] https://datatracker.ietf.org/doc/draft-ietf-oauth-jwsreq
>>
>> Regards.
>> Pedro Igor
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev