[
https://issues.apache.org/jira/browse/SLING-13047?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nicola Scendoni reassigned SLING-13047:
---------------------------------------
Assignee: Nicola Scendoni
> Add RFC 8707 Resource Indicators support to Sling OIDC Authentication Handler
> -----------------------------------------------------------------------------
>
> Key: SLING-13047
> URL: https://issues.apache.org/jira/browse/SLING-13047
> Project: Sling
> Issue Type: Improvement
> Components: Extensions
> Reporter: Nicola Scendoni
> Assignee: Nicola Scendoni
> Priority: Major
> Labels: OAuth2, oidc
>
> The Sling OIDC Authentication Handler does not currently support *RFC 8707
> (Resource Indicators for OAuth 2.0)*. This limits compatibility with
> OIDC/OAuth2 providers that require or recommend the resource parameter to
> request audience-specific access tokens.{*}{*}
> {*}Proposal{*}{*}{*}
> * Add optional support for RFC 8707 resource parameters
> * Make resource values configurable via OSGi
> * Include resource in authorization and token requests when configured
> * Preserve backward compatibility
> {*}Reference{*}{*}{*}
> RFC 8707: https://datatracker.ietf.org/doc/html/rfc8707
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
