The Client Authentication section mentions the "Directory Issuer metadata", but it's not clear to me what this is. A hyperlink or description would be helpful.
Furthermore, I think it would be helpful to be explicit about when client authentication is used and how it differs to MTLS as a holder of key mechanism.
The Client Authentication section mentions the "Directory Issuer metadata", but it's not clear to me what this is. A hyperlink or description would be helpful.
Furthermore, I think it would be helpful to be explicit about when client authentication is used and how it differs to MTLS as a holder of key mechanism.