introspection_ signed_ response_ alg
Registry Context
This optional client metadata parameter lets a resource server, acting as an OAuth client, specify its desired JWS algorithm for signed introspection responses. If omitted, the default is RS256.
Technical Summary
`introspection_signed_response_alg` identifies a JWS `alg` value, as defined by JWA, for signing introspection responses. If specified, the response is signed using JWS and the configured algorithm. The default when omitted is `RS256`.
When Used
When a resource server is configured as an OAuth client, such as through dynamic client registration, and wants to specify its desired signing algorithm for JWT introspection responses.
Normative Requirements
Unspecified actor
RFC 9701 - Section 6
The `introspection_signed_response_alg` client metadata parameter is optional..
`introspection_signed_response_alg` OPTIONAL.
Validation Guidance
If present, validate that the value identifies a JWS `alg` value defined by JWA for signing introspection responses.
If present, use JWS and the configured algorithm to sign the introspection response.
Accept omission and apply `RS256` as the default signing algorithm.
Reference
Details
- Entry Id
introspection_signed_ response_ alg - Client Metadata Name
introspection_signed_ response_ alg - Client Metadata Description
String value indicating the client’s desired introspection response signing algorithm- Change Controller
IETF- Reference
RFC9701 - Section 6