search

DuendeSoftware / IdentityServer

The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
https://duendesoftware.com/products/identityserver
Other
1.45k stars 339 forks source link

OAuth 2.1 #150

Open leastprivilege opened 3 years ago

leastprivilege commented 3 years ago

Once the OAuth 2.1 spec is out - what can we do to help consumers to stay within the recommended parameters?

warnings? errors? global switch?

brockallen commented 3 years ago

Maybe even the default mode.

Julien-Marpault commented 2 years ago

Do you plan to remove these features in a future release to be compliant with the new spec ?

leastprivilege commented 2 years ago

no

brockallen commented 1 year ago

Possibly can be done as a config validator? Look into it (and maybe just emit warning logs).

brockallen commented 12 months ago

We will re-review this during the 7.1 timeframe.