You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The OAuth and OpenID Connect specifications use a standard pattern to enable extensibility in a way that the use of extensions does not break existing deployments. That pattern is:
Where a set of values is defined, specify that additional values MAY be defined and used.
Where a set of values is used, specify that values that are not understood MUST be ignored.
Language incorporating this pattern is currently missing from the specification. We should add it where metadata parameters are defined and also for other parameter sets. Otherwise, we'll be building a brittle specification whose deployments will break by rejecting unexpected values when they are added as their ecosystems evolve.
For examples of the use of this pattern in OpenID and OAuth specifications, see the companion issue openid/OpenID4VP#227.
The text was updated successfully, but these errors were encountered:
The OAuth and OpenID Connect specifications use a standard pattern to enable extensibility in a way that the use of extensions does not break existing deployments. That pattern is:
Language incorporating this pattern is currently missing from the specification. We should add it where metadata parameters are defined and also for other parameter sets. Otherwise, we'll be building a brittle specification whose deployments will break by rejecting unexpected values when they are added as their ecosystems evolve.
For examples of the use of this pattern in OpenID and OAuth specifications, see the companion issue openid/OpenID4VP#227.
The text was updated successfully, but these errors were encountered: