oauth2.dev

client_assertion_type

IESG

Registry Context

Identifies the assertion format used when a client authenticates with an assertion.

Technical Summary

RFC 7521 defines `client_assertion_type` as a REQUIRED client-authentication request parameter whose value is an absolute URI identifying an assertion format defined by the authorization server.

When Used

When a client uses an assertion as its credentials for client authentication.

Normative Requirements

Clients

REQUIRED
1
  1. RFC 7521 - Section 4.2

    include the `client_assertion_type` HTTP request parameter.

    Condition: when using an assertion as client credentials

    client_assertion_type REQUIRED.

Validation Guidance

error

Verify that the `client_assertion_type` value is an absolute URI identifying an assertion format defined by the authorization server.

Reference

Details

Entry Id
client_assertion_type
Name
client_assertion_type
Parameter Usage Location
token request
Change Controller
IESG
Reference
RFC7521