Skip to content

Commit

Permalink
add docs
Browse files Browse the repository at this point in the history
  • Loading branch information
@gerardsn
gerardsn committed May 14, 2024
1 parent 1f1ab4c commit 1c7063a
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions docs/pages/deployment/oauth.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ Authorization Code Flow
For the authorization code flow, the Nuts node implements the following:

- JAR (JWT Secured Authorization Request) for both the initial authorization request as well as the OpenID4VP authorization request.
All request use the ``request_uri`` parameter meaning that other request parameters cannot be inspected in the authorization request itself.
- PKCE (Proof Key for Code Exchange) for the authorization code flow. The call of the initial authorization request is linked to the token request.
- DPoP (Demonstrating Proof of Possession) for the token request. Each resources request will require a new DPoP Proof header.
The resource server is also required to check this header in an additional step after the token introspection.
Expand Down

0 comments on commit 1c7063a

Please sign in to comment.