For PAR, there might be an error code, in which case, it'd be any of the ones suggested earlier in this thread, which even is most appropriate.
(though generally we recommend deferring fetching of the Client ID Metadata Document until after the user has authenticated) – Emelia > On 12 Oct 2025, at 16:37, Filip Skokan <[email protected]> wrote: > >> 2. What is the error if a client_id using this scheme on the authorization >> endpoint isn't acceptable? "unauthorized_client"? > > There's no "error" returned. A rendered error page is expected since there's > no client ergo no validated redirect_uri. > > S pozdravem, > Filip Skokan > > > On Sat, 11 Oct 2025 at 21:43, Michael Sweet > <[email protected] <mailto:[email protected]>> > wrote: >> All, >> >> I finally had a chance to look through this latest (adopted) draft, and I >> like the simplicity this brings over dynamic client registration. That >> said, I have a couple quick comments/questions: >> >> 1. What about PKCE/OpenID "native" authorization with a redirect URI of >> "http://127.0.0.1/some/path";? There is discussion of "maybe the AS will >> require same-origin URIs" but that would preclude native auth flows. Would >> be nice to talk about it and, if optional, have some guidance about what the >> AS does. >> >> 2. What is the error if a client_id using this scheme on the authorization >> endpoint isn't acceptable? "unauthorized_client"? >> >> Thanks to the AS metadata, I can see supporting this in the CUPS OAuth >> client fairly quickly... >> >> ________________________ >> Michael Sweet >> >> _______________________________________________ >> OAuth mailing list -- [email protected] <mailto:[email protected]> >> To unsubscribe send an email to [email protected] >> <mailto:[email protected]> > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected]
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
