Closed dshanske closed 3 years ago
I think this is wrong?
Maybe I am missing something, but I think grant_type
has always been required. It was response_type
that was optional (in the case of response_type=id
) and that has been documented as part of the August 9th changes.
Am I misreading something?
@Zegnat For the token endpoint, but not the authorization endpoint.
Ah, found it now @dshanske. Thanks! PR opened with fix.
In the current living standard, grant_type is required by the authorization endpoint. In the prior version, it was not. This change needs to be documented due the fact it could be a breaking change.