[keycloak-dev] OAuth2 JWT Secured Authorization Request (JAR)

Pedro Igor Silva psilva at redhat.com
Thu Feb 16 12:32:49 EST 2017


There is a spec for this already .... An OIDC one
https://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html.

On Thu, Feb 16, 2017 at 1:18 PM, Bill Burke <bburke at redhat.com> wrote:

> I'm sure they'll create a POST binding next because the URLs will be too
> big.
>
>
> On 2/16/17 10:07 AM, Pedro Igor Silva wrote:
> > Really interesting spec to improve security to authorization requests [1]
> > sent to a AS.
> >
> > Any similarity with SAML is just coincidence :)
> >
> > [1] https://datatracker.ietf.org/doc/draft-ietf-oauth-jwsreq
> >
> > Regards.
> > Pedro Igor
> > _______________________________________________
> > keycloak-dev mailing list
> > keycloak-dev at lists.jboss.org
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>


More information about the keycloak-dev mailing list