Skip to content

Add support for authenticating confidential client with request body params #55

@synasius

Description

@synasius

We should support confidential clients authentication through request-body parameters.

Note that, as in http://tools.ietf.org/html/rfc6749#section-2.3.1 :

Including the client credentials in the request-body using the two
parameters is NOT RECOMMENDED and SHOULD be limited to clients unable
to directly utilize the HTTP Basic authentication scheme

This should solve #52 (comment)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions