Open StefanoMantero opened 1 month ago
As already mentioned by @Sephster, now the issuer is mandatory!
@Sephster wouldn't RFC 9068 be the relevant spec here? (Now, anyway... I think it did not exist yet when this conversation started.) That does make iss required.
iss
Originally posted by @tgr in https://github.com/thephpleague/oauth2-server/issues/1137#issuecomment-1474717945
As already mentioned by @Sephster, now the issuer is mandatory!
@Sephster wouldn't RFC 9068 be the relevant spec here? (Now, anyway... I think it did not exist yet when this conversation started.) That does make
issrequired.Originally posted by @tgr in https://github.com/thephpleague/oauth2-server/issues/1137#issuecomment-1474717945