tplooker
commented
1 year ago @Sakurann can you please elaborate on the usecase here, the attached issue doesn't provide any context.
Open Sakurann opened 1 year ago
tplooker
commented
1 year ago @Sakurann can you please elaborate on the usecase here, the attached issue doesn't provide any context.
Can this draft be extended to define a new grant type
urn:ietf:params:oauth:client-assertion-type:jwt-client-attestationwhere a sender-constrained JWT can be used to request an Access Token? for example, i think it would be useful in use-cases like catena-x https://github.com/eclipse-tractusx/identity-trust/issues/34 (cc @c2bo) Inspiration for the suggestion is https://www.rfc-editor.org/rfc/rfc7523, which definedurn:ietf:params:oauth:grant-type:jwt-bearerboth for client authentication and a new grant type.