Github user mcgilman commented on the issue: https://github.com/apache/nifi/pull/2213 @Senthilannaswamy I just double check the specification and the suggested changes make sense. > token_endpoint_auth_methods_supported > OPTIONAL. JSON array containing a list of Client Authentication methods supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 9 of OpenID Connect Core 1.0 [OpenID.Core]. Other authentication methods MAY be defined by extensions. If omitted, the default is client_secret_basic -- the HTTP Basic Authentication Scheme specified in Section 2.3.1 of OAuth 2.0 [RFC6749]. Before we accept the PR, can you please file a JIRA [1] and update your commit message to reference the ticket. Take a peek at another PR for an example. Thanks! I can also file the JIRA for you if you prefer. [1] https://issues.apache.org/jira/projects/NIFI
---