1.2.0 (13/02/2023)¶ ↑
Pushed Authorization Requests (PAR)¶ ↑
rodauth-oauth supports Pushed Authorization Requests, via the
More info about the feature in the wiki.
mTLS Client Auth (+ certificate-bound access tokens)¶ ↑
:oauth_tls_client_auth feature adds support for the variants of mTLS Client Authentication “PKI Mutual-TLS Method” and 2Self-Signed Certificate Mutual-TLS Method“. It also supports client certificate bound access tokens.
More about it in the wiki.
Dynamic Client Registration management¶ ↑
Support for dynamci client registration management was added to the
More info about it in the wiki.
Support for 3rd-party initiated login was added, by including support for the
initiate_login_uriattribute in the register route from the
Support for multitenant resource ownership was added, here’s a description from the wiki.
oidc: userinfo claims were not including claims with value
false, such as
"email_verified". This behaviour has been fixed, and only claims of value