Re: [Dev] Why is redirect_uris mandatory in DCR request?

2017-04-27 Thread Gayan Gunawardana
According to documentation in [1] { "redirect_uris": ["server.example.com"], "client_name": "application_1", "ext_param_owner": "application_owner", "grant_types": ["password"] } Still our intension is to accept DCR request with redirect_uris for password grant type. Only concern

Re: [Dev] Why is redirect_uris mandatory in DCR request?

2017-04-26 Thread Harsha Thirimanna
On 27 Apr 2017 10:56 a.m., "Manoj Gunawardena" wrote: +1 for removing mandatory validation. Dynamic OAUTH2 client Registration management protocol [1] will implement in IS next version? Yes Once support that, DCR should be able to update the mandatory or optional of redirect

Re: [Dev] Why is redirect_uris mandatory in DCR request?

2017-04-26 Thread Manoj Gunawardena
+1 for removing mandatory validation. Dynamic OAUTH2 client Registration management protocol [1] will implement in IS next version? Once support that, DCR should be able to update the mandatory or optional of redirect urls depends on the grant type. [1] https://tools.ietf.org/html/rfc7592

Re: [Dev] Why is redirect_uris mandatory in DCR request?

2017-04-25 Thread Nuwandi Wickramasinghe
Thanks Johann and Pushpalanka. Updated [1] with details. [1] - https://wso2.org/jira/browse/IDENTITY-5879 On Tue, Apr 25, 2017 at 8:19 PM, Pushpalanka Jayawardhana wrote: > Hi, > > On Tue, Apr 25, 2017 at 7:51 PM, Johann Nallathamby > wrote: > >> +1. However

Re: [Dev] Why is redirect_uris mandatory in DCR request?

2017-04-25 Thread Johann Nallathamby
+1. However we have to make sure that if we update the application with authorization_code or implicit grant type, then we have to validate that at least one redirect_uri is also provided. Regards, Johann. On Tue, Apr 25, 2017 at 5:46 PM, Nuwandi Wickramasinghe wrote: > Hi,

Re: [Dev] Why is redirect_uris mandatory in DCR request?

2017-04-25 Thread Pushpalanka Jayawardhana
Hi, On Tue, Apr 25, 2017 at 7:51 PM, Johann Nallathamby wrote: > +1. However we have to make sure that if we update the application with > authorization_code or implicit grant type, then we have to validate that at > least one redirect_uri is also provided. > > Regards, >

[Dev] Why is redirect_uris mandatory in DCR request?

2017-04-25 Thread Nuwandi Wickramasinghe
Hi, As per the DCR implementation in WSO2 IS 5.3.0, it is mandatory to send at least one redirect uri for any grant type and otherwise will give following error response. { "error_description": "RedirectUris property must have at least one URI value.", "error": "invalid_client_metadata" }