Hello, >From SPIFFE CLIENT AUTH ISSUE 35 https://github.com/arndt-s/oauth-spiffe-client-authentication/issues/35
To list SPIFFE Client Authentication using JWT-SVID in the token_endpoint_auth_methods_supported server metadata parameter and to set it as the value of the token_endpoint_auth_method client metadata parameter, an identifier for this client authentication method is required. I would like to propose spiffe_jwt as a candidate. This name aligns with the following existing identifiers, both of which represent variants of assertion-based client authentication: - client_secret_jwt - private_key_jwt Reference: IANA OAuth Parameters OAuth Token Endpoint Authentication Methods https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#token-endpoint-auth-method Best Regards, Taka @ Authlete
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
