Skip to content

Commit

Permalink
Update draft-ietf-oauth-attestation-based-client-auth.md
Browse files Browse the repository at this point in the history 
Co-authored-by: Brian Campbell <[email protected]>
  • Loading branch information
@tplooker @bc-pi
tplooker and bc-pi authored Jan 23, 2024
1 parent 3b845b9 commit 833eea8
Showing 1 changed file with 0 additions and 1 deletion.
1 change: 0 additions & 1 deletion draft-ietf-oauth-attestation-based-client-auth.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,6 @@ cC4hiUPo[...omitted for brevity...]

In order to authenticate the client using this scheme, the authorization server MUST validate BOTH the Client Attestation JWT present in the "client_assertion" parameter and the DPoP HTTP header according to the criteria below.

It is RECOMMENDED that the authorization server validate the Client Attestation JWT prior to validating the DPoP HTTP header.

### Client Attestation JWT {#client-attestation-jwt}

Expand Down

0 comments on commit 833eea8

Please sign in to comment.