diff --git a/openid-federation-1_0.xml b/openid-federation-1_0.xml index 73a7fb5..bbcc7b0 100644 --- a/openid-federation-1_0.xml +++ b/openid-federation-1_0.xml @@ -6456,8 +6456,7 @@ HTTP/1.1 302 Found -
-
+
The OP processes the request as follows: @@ -6560,25 +6559,30 @@ HTTP/1.1 302 Found registration. This time MUST NOT exceed the expiration time of the Trust Chain that the OP selected to process the request. + + +
+ +
If the OP created a client registration for the RP, it MUST then construct a success response in the form of an Entity Statement. - - + + The OP MUST set the trust_anchor_id claim of the Entity Statement to the Trust Anchor it selected to process the request. The authority_hints claim MUST be set to the OP's Immediate Superior in the selected Trust Chain. - - + + The OP MUST set the exp claim to the expiration time of the created registration. The OP MAY choose to invalidate the registration before that, as explained in . - - + + The OP MUST express the client registration it created for the RP by means of the metadata claim, by placing the metadata parameters under the @@ -6589,8 +6593,8 @@ HTTP/1.1 302 Found for the RP. If the RP was provisioned with credentials, for example a client_secret, these MUST be included as well. - - + + The OP SHOULD include metadata parameters that have a default value, for example token_endpoint_auth_method @@ -6602,11 +6606,9 @@ HTTP/1.1 302 Found The OP MUST sign the registration Entity Statement with a current Federation Entity Key in its possession. - - - The following Entity Statement claims are specified for use in - Explicit Registration responses. + The following Entity Statement claims are used in + Explicit Registration responses: @@ -6700,7 +6702,7 @@ HTTP/1.1 302 Found
-
+
@@ -6754,7 +6756,6 @@ HTTP/1.1 302 Found
-