·
1 commit
to main
since this release
- Added security consideration around displaying logos to end users
- Changed query string parameters in Client ID Metadata Document URLs to "SHOULD NOT", since this encourages bad security practices (e.g., minting documents based on query string parameters)
- Added prohibition on the client_secret_expires_at property, as it is not relevant for Client ID Metadata Documents.
- Added security consideration for development use-cases.