Support for OpenID Connect Dynamic Client Registration #705

azmeuk · 2025-02-13T22:31:01Z

Authlib implements RFC7591 that allow for dynamic client registration as defined in the OAuth2 spec.
However, the OpenID Connect Dynamic Client Registration specification details some additional claims that are currently ignored by the RFC7591 implementation:

token_endpoint_auth_signing_alg
application_type
sector_identifier_uri
subject_type
id_token_signed_response_alg
id_token_encrypted_response_alg
id_token_encrypted_response_enc
userinfo_signed_response_alg
userinfo_encrypted_response_alg
userinfo_encrypted_response_enc
default_max_age
require_auth_time
default_acr_values
initiate_login_uri
request_object_signing_alg
request_object_encryption_alg
request_object_encryption_enc
request_uris

The OpenID Connect certification test suite attempts to register some of those parameters.

Note that some other specs like OpenID Connect RP-Initiated Logout add their own claims like post_logout_redirect_uris. #500

The text was updated successfully, but these errors were encountered:

azmeuk added the feature request label Feb 13, 2025

azmeuk mentioned this issue Feb 19, 2025

OpenID Connect Dynamic Client Registration #707

Merged

lepture closed this as completed in #707 Feb 20, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support for OpenID Connect Dynamic Client Registration #705

Support for OpenID Connect Dynamic Client Registration #705

azmeuk commented Feb 13, 2025 •

edited

Loading

Support for OpenID Connect Dynamic Client Registration #705

Support for OpenID Connect Dynamic Client Registration #705

Comments

azmeuk commented Feb 13, 2025 • edited Loading

azmeuk commented Feb 13, 2025 •

edited

Loading