contacts
Registry Context
Contact information for people responsible for an OAuth client, typically email addresses. The authorization server may expose these addresses to end-users for client support.
Technical Summary
The `contacts` client metadata field is a JSON array of strings representing ways to contact people responsible for the client.
When Used
Used in client registration metadata to provide support or administrative contact details for the client.
Normative Requirements
Authorization servers
RFC 7591 - Section 2
Make the contact addresses available to end-users for client support requests..
Condition: When processing or presenting the `contacts` metadata.
The authorization server MAY make these contact addresses available to end-users for support requests for the client.
Implementations
RFC 7591 - Section 2
Implement and use the `contacts` client metadata field optionally, unless stated otherwise by an applicable specification..
The implementation and use of all client metadata fields is OPTIONAL, unless stated otherwise.
Validation Guidance
When present, verify that `contacts` is a JSON array and that every array element is a string.
Security Notes
RFC 7591 - Section 6
Contact information can be exposed to end-users and will be available to authorization server administrators, creating a privacy consideration for the responsible parties.
Reference
Details
- Entry Id
contacts- Client Metadata Name
contacts- Client Metadata Description
Array of strings representing ways to contact people responsible for this client, typically email addresses- Change Controller
IESG- Reference
RFC7591