Closed CDR-API-Stream closed 12 months ago
For clarity https://api.cdr.gov.au/idp/.well-known/openid-configuration is only a valid .well-known
RFC8615 path if the base-url includes the /idp
. Suggest this means that the Register Base URIs should instead have an Auth Base URI
added with /idp
.
Further on /jwks
, it is accurate but what is missing is the construction of the Base URI like the Standards. Aligning to the Holder construction method introduces consistency.
Standards version 1.25.0 has now been published, incorporating this change.
Description
The API paths and associated non-normative examples provided for the Register APIs
Get OpenId Provider Config
andGet JWKS
are incorrect.This issue occurred during the migration of the Register design into the Consumer Data Standards.
Area Affected
Get OpenId Provider Config
https://consumerdatastandardsaustralia.github.io/standards/?examples#get-openid-provider-config
Current Documentation: GET /.well-known/openid-configuration
Associated Non-Normative Example: GET https://\<register-base-url>/.well-known/openid-configuration HTTP/1.1
Actual Production Path: https://api.cdr.gov.au/idp/.well-known/openid-configuration
Get JWKS
https://consumerdatastandardsaustralia.github.io/standards/?examples#get-jwks
Current Documentation: GET /jwks
Associated Non-Normative Example: GET https://\<register-base-url>/jwks HTTP/1.1
Actual Production Path: https://api.cdr.gov.au/cdr-register/v1/jwks
Change Proposed
Get OpenId Provider Config
Add the missing
idp
component to the pathGet JWKS
Add the missing
cdr-register/v1
component to the path