oauth2.dev

claims_parameter_supported

OpenID_Foundation_Artifact_Binding_WG

Registry Context

RFC 8414 does not define the meaning, type, or default value of claims_parameter_supported. It permits authorization server metadata to contain additional parameters defined by specifications such as OpenID Connect Discovery 1.0.

Technical Summary

claims_parameter_supported is an OpenID Connect Discovery metadata parameter, not one of the metadata values defined by RFC 8414. RFC 8414 Sections 2 and 3.2 permit additional metadata parameters and claims in an authorization server metadata response.

When Used

Used when publishing the OpenID Connect Discovery parameter in an authorization server metadata document that supports extension metadata.

Normative Requirements

Authorization servers

MUST
1

  1. RFC 8414 - Section 3.2

    use the 200 OK status code and return a JSON object with the application/json content type.

    Condition: when returning a successful authorization server metadata response

    A successful response MUST use the 200 OK HTTP status code and return a JSON object using the "application/json" content type.

MAY
2

  1. RFC 8414 - Section 2

    use additional authorization server metadata parameters.

    Condition: including parameters defined by other specifications such as OpenID Connect Discovery 1.0

    Additional authorization server metadata parameters MAY also be used.

  2. RFC 8414 - Section 3.2

    return claims other than the metadata values defined in RFC 8414 Section 2.

    Condition: in an authorization server metadata response

    Other claims MAY also be returned.

Validation Guidance

info

Allow claims_parameter_supported as an additional member of an OAuth authorization server metadata response.

warning

Do not reject claims_parameter_supported solely because it is not defined among the RFC 8414 Section 2 metadata values.

info

Do not derive the member's meaning, JSON type, or default value from RFC 8414; validate those properties against OpenID Connect Discovery 1.0.

error

For a successful metadata response containing this member, require HTTP 200 and a JSON object served with the application/json content type.

Reference

OpenID Connect Discovery 1.0 - Section 3

Details

Entry Id
claims_parameter_supported
Metadata Name
claims_parameter_supported
Metadata Description
Boolean value specifying whether the OP supports use of the "claims" parameter
Change Controller
OpenID_Foundation_Artifact_Binding_WG
Reference
OpenID Connect Discovery 1.0 - Section 3