Skip to main content

ClientRegistrationRequest.Parameters Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Model.ClientRegistrationRequest

ClientRegistrationRequest.Parameters Class

Wire-level parameter names for the dynamic client registration request (RFC 7591 and OpenID Connect Dynamic Client Registration 1.0). Each constant is the JSON member name expected on the registration payload sent to the registration endpoint.

public static class ClientRegistrationRequest.Parameters

Inheritance System.Object → Parameters

Fields

ClientRegistrationRequest.Parameters.ApplicationType Field

The application_type registration parameter that classifies the client as a web or native application.

public const string ApplicationType = "application_type";

Field Value

System.String

ClientRegistrationRequest.Parameters.AuthorizationDetailsTypes Field

The authorization_details_types registration parameter (RFC 9396 §5.1): per-client allowlist of authorization-detail type values this client may use in Rich Authorization Requests.

public const string AuthorizationDetailsTypes = "authorization_details_types";

Field Value

System.String

ClientRegistrationRequest.Parameters.AuthorizationEncryptedResponseAlg Field

The authorization_encrypted_response_alg registration parameter naming the JWE key-management algorithm used when encrypting JARM authorization responses.

public const string AuthorizationEncryptedResponseAlg = "authorization_encrypted_response_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.AuthorizationEncryptedResponseEnc Field

The authorization_encrypted_response_enc registration parameter naming the JWE content-encryption algorithm for JARM authorization responses.

public const string AuthorizationEncryptedResponseEnc = "authorization_encrypted_response_enc";

Field Value

System.String

ClientRegistrationRequest.Parameters.AuthorizationSignedResponseAlg Field

The authorization_signed_response_alg registration parameter naming the JWS algorithm the OP must use to sign JARM authorization responses for this client.

public const string AuthorizationSignedResponseAlg = "authorization_signed_response_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.BackChannelAuthenticationRequestSigningAlg Field

The backchannel_authentication_request_signing_alg CIBA registration parameter naming the JWS algorithm used to sign backchannel authentication requests.

public const string BackChannelAuthenticationRequestSigningAlg = "backchannel_authentication_request_signing_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.BackChannelClientNotificationEndpoint Field

The backchannel_client_notification_endpoint CIBA registration parameter providing the URL at which the OP delivers ping or push notifications.

public const string BackChannelClientNotificationEndpoint = "backchannel_client_notification_endpoint";

Field Value

System.String

ClientRegistrationRequest.Parameters.BackChannelLogoutSessionRequired Field

The backchannel_logout_session_required registration parameter; when true, the OP must include the sid claim in the logout token.

public const string BackChannelLogoutSessionRequired = "backchannel_logout_session_required";

Field Value

System.String

ClientRegistrationRequest.Parameters.BackChannelLogoutUri Field

The backchannel_logout_uri registration parameter pointing to the client's back-channel logout endpoint.

public const string BackChannelLogoutUri = "backchannel_logout_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.BackChannelTokenDeliveryMode Field

The backchannel_token_delivery_mode CIBA registration parameter selecting how tokens are delivered (poll, ping, or push).

public const string BackChannelTokenDeliveryMode = "backchannel_token_delivery_mode";

Field Value

System.String

ClientRegistrationRequest.Parameters.BackChannelUserCodeParameter Field

The backchannel_user_code_parameter CIBA registration parameter; when true, the client may submit a user code with backchannel authentication requests.

public const string BackChannelUserCodeParameter = "backchannel_user_code_parameter";

Field Value

System.String

ClientRegistrationRequest.Parameters.ClientId Field

The client_id registration parameter; a client-proposed identifier that the OP may accept or ignore.

public const string ClientId = "client_id";

Field Value

System.String

ClientRegistrationRequest.Parameters.ClientName Field

The client_name registration parameter providing a human-readable display name shown to end-users on consent screens.

public const string ClientName = "client_name";

Field Value

System.String

ClientRegistrationRequest.Parameters.ClientUri Field

The client_uri registration parameter pointing to the client application's home page.

public const string ClientUri = "client_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.Contacts Field

The contacts registration parameter listing email addresses of people responsible for the client.

public const string Contacts = "contacts";

Field Value

System.String

ClientRegistrationRequest.Parameters.DefaultAcrValues Field

The default_acr_values registration parameter listing default Authentication Context Class Reference values applied when the request omits acr_values.

public const string DefaultAcrValues = "default_acr_values";

Field Value

System.String

ClientRegistrationRequest.Parameters.DefaultMaxAge Field

The default_max_age registration parameter specifying the default maximum authentication age (in seconds) for authorization requests from this client.

public const string DefaultMaxAge = "default_max_age";

Field Value

System.String

ClientRegistrationRequest.Parameters.DpopBoundAccessTokens Field

The dpop_bound_access_tokens registration parameter (RFC 9449 §5.2) requiring DPoP-bound access tokens for this client.

public const string DpopBoundAccessTokens = "dpop_bound_access_tokens";

Field Value

System.String

ClientRegistrationRequest.Parameters.FrontChannelLogoutSessionRequired Field

The frontchannel_logout_session_required registration parameter; when true, the OP must append iss and sid parameters to the front-channel logout URI.

public const string FrontChannelLogoutSessionRequired = "frontchannel_logout_session_required";

Field Value

System.String

ClientRegistrationRequest.Parameters.FrontChannelLogoutUri Field

The frontchannel_logout_uri registration parameter pointing to the client's front-channel logout endpoint.

public const string FrontChannelLogoutUri = "frontchannel_logout_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.GrantTypes Field

The grant_types registration parameter declaring the grant type values the client will use at the token endpoint.

public const string GrantTypes = "grant_types";

Field Value

System.String

ClientRegistrationRequest.Parameters.IdTokenEncryptedResponseAlg Field

The id_token_encrypted_response_alg registration parameter naming the JWE key-management algorithm used when encrypting ID Tokens.

public const string IdTokenEncryptedResponseAlg = "id_token_encrypted_response_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.IdTokenEncryptedResponseEnc Field

The id_token_encrypted_response_enc registration parameter naming the JWE content-encryption algorithm used with the key-management algorithm above.

public const string IdTokenEncryptedResponseEnc = "id_token_encrypted_response_enc";

Field Value

System.String

ClientRegistrationRequest.Parameters.IdTokenSignedResponseAlg Field

The id_token_signed_response_alg registration parameter naming the JWS algorithm the OP must use to sign ID Tokens for this client.

public const string IdTokenSignedResponseAlg = "id_token_signed_response_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.InitiateLoginUri Field

The initiate_login_uri registration parameter pointing to a URL the OP may invoke to initiate a login flow at the client.

public const string InitiateLoginUri = "initiate_login_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.IntrospectionEncryptedResponseAlg Field

The introspection_encrypted_response_alg registration parameter (RFC 9701) naming the JWE key-management algorithm used when encrypting introspection responses.

public const string IntrospectionEncryptedResponseAlg = "introspection_encrypted_response_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.IntrospectionEncryptedResponseEnc Field

The introspection_encrypted_response_enc registration parameter (RFC 9701) naming the JWE content-encryption algorithm for introspection responses.

public const string IntrospectionEncryptedResponseEnc = "introspection_encrypted_response_enc";

Field Value

System.String

ClientRegistrationRequest.Parameters.IntrospectionSignedResponseAlg Field

The introspection_signed_response_alg registration parameter (RFC 9701) naming the JWS algorithm the OP must use when signing introspection responses for this client.

public const string IntrospectionSignedResponseAlg = "introspection_signed_response_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.Jwks Field

The jwks registration parameter carrying the client's JSON Web Key Set inline.

public const string Jwks = "jwks";

Field Value

System.String

ClientRegistrationRequest.Parameters.JwksUri Field

The jwks_uri registration parameter referencing the client's published JSON Web Key Set.

public const string JwksUri = "jwks_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.LogoUri Field

The logo_uri registration parameter pointing to an image rendered next to the client name during authentication and consent.

public const string LogoUri = "logo_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.OfflineAccessAllowed Field

The offline_access_allowed registration parameter (server extension) controlling whether the client may request the offline_access scope and obtain refresh tokens.

public const string OfflineAccessAllowed = "offline_access_allowed";

Field Value

System.String

ClientRegistrationRequest.Parameters.PkceRequired Field

The pkce_required registration parameter (server extension) marking the client as PKCE-only at the authorization endpoint.

public const string PkceRequired = "pkce_required";

Field Value

System.String

ClientRegistrationRequest.Parameters.PolicyUri Field

The policy_uri registration parameter pointing to the client's privacy policy.

public const string PolicyUri = "policy_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.PostLogoutRedirectUris Field

The post_logout_redirect_uris registration parameter listing absolute URIs the OP may redirect to after RP-initiated logout.

public const string PostLogoutRedirectUris = "post_logout_redirect_uris";

Field Value

System.String

ClientRegistrationRequest.Parameters.RedirectUris Field

The redirect_uris registration parameter listing the absolute URIs the OP may use to deliver authorization responses to this client.

public const string RedirectUris = "redirect_uris";

Field Value

System.String

ClientRegistrationRequest.Parameters.RequestObjectEncryptionAlg Field

The request_object_encryption_alg registration parameter naming the JWE key-management algorithm used when encrypting Request Objects.

public const string RequestObjectEncryptionAlg = "request_object_encryption_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.RequestObjectEncryptionEnc Field

The request_object_encryption_enc registration parameter naming the JWE content-encryption algorithm for Request Objects.

public const string RequestObjectEncryptionEnc = "request_object_encryption_enc";

Field Value

System.String

ClientRegistrationRequest.Parameters.RequestObjectSigningAlg Field

The request_object_signing_alg registration parameter naming the JWS algorithm the client uses when signing Request Objects.

public const string RequestObjectSigningAlg = "request_object_signing_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.RequestUris Field

The request_uris registration parameter listing URIs the OP may pre-fetch and cache for use as request_uri values.

public const string RequestUris = "request_uris";

Field Value

System.String

ClientRegistrationRequest.Parameters.RequireAuthTime Field

The require_auth_time registration parameter; when true, the OP must always include the auth_time claim in ID Tokens for this client.

public const string RequireAuthTime = "require_auth_time";

Field Value

System.String

ClientRegistrationRequest.Parameters.RequirePushedAuthorizationRequests Field

The require_pushed_authorization_requests registration parameter (RFC 9126 §6) making PAR the only way this client may start an authorization flow.

public const string RequirePushedAuthorizationRequests = "require_pushed_authorization_requests";

Field Value

System.String

ClientRegistrationRequest.Parameters.RequireSignedRequestObject Field

The require_signed_request_object registration parameter (RFC 9101 §10.5) committing this client to signed request objects.

public const string RequireSignedRequestObject = "require_signed_request_object";

Field Value

System.String

ClientRegistrationRequest.Parameters.ResponseTypes Field

The response_types registration parameter declaring the response type values the client intends to use at the authorization endpoint.

public const string ResponseTypes = "response_types";

Field Value

System.String

ClientRegistrationRequest.Parameters.Scope Field

The scope registration parameter listing scope values the client will use (space-separated per RFC 7591 §2).

public const string Scope = "scope";

Field Value

System.String

ClientRegistrationRequest.Parameters.SectorIdentifierUri Field

The sector_identifier_uri registration parameter used when computing pairwise pseudonymous subject identifiers.

public const string SectorIdentifierUri = "sector_identifier_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.SoftwareId Field

The software_id registration parameter identifying the client software product.

public const string SoftwareId = "software_id";

Field Value

System.String

ClientRegistrationRequest.Parameters.SoftwareStatement Field

The software_statement registration parameter carrying a signed JWT assertion of metadata values about the client software (RFC 7591 §2.3).

public const string SoftwareStatement = "software_statement";

Field Value

System.String

ClientRegistrationRequest.Parameters.SoftwareVersion Field

The software_version registration parameter naming the client software version.

public const string SoftwareVersion = "software_version";

Field Value

System.String

ClientRegistrationRequest.Parameters.SubjectType Field

The subject_type registration parameter selecting public or pairwise ID Token sub values.

public const string SubjectType = "subject_type";

Field Value

System.String

ClientRegistrationRequest.Parameters.TlsClientAuthSanDns Field

The tls_client_auth_san_dns registration parameter (RFC 8705) carrying expected DNS Subject Alternative Names on the client's mTLS certificate.

public const string TlsClientAuthSanDns = "tls_client_auth_san_dns";

Field Value

System.String

ClientRegistrationRequest.Parameters.TlsClientAuthSanEmail Field

The tls_client_auth_san_email registration parameter (RFC 8705) carrying expected email Subject Alternative Names on the client's mTLS certificate.

public const string TlsClientAuthSanEmail = "tls_client_auth_san_email";

Field Value

System.String

ClientRegistrationRequest.Parameters.TlsClientAuthSanIp Field

The tls_client_auth_san_ip registration parameter (RFC 8705) carrying expected IP-address Subject Alternative Names on the client's mTLS certificate.

public const string TlsClientAuthSanIp = "tls_client_auth_san_ip";

Field Value

System.String

ClientRegistrationRequest.Parameters.TlsClientAuthSanUri Field

The tls_client_auth_san_uri registration parameter (RFC 8705) carrying expected URI Subject Alternative Names on the client's mTLS certificate.

public const string TlsClientAuthSanUri = "tls_client_auth_san_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.TlsClientAuthSubjectDn Field

The tls_client_auth_subject_dn registration parameter (RFC 8705) carrying the expected Subject Distinguished Name on the client's mTLS certificate.

public const string TlsClientAuthSubjectDn = "tls_client_auth_subject_dn";

Field Value

System.String

ClientRegistrationRequest.Parameters.TlsClientCertificateBoundAccessTokens Field

The tls_client_certificate_bound_access_tokens registration parameter (RFC 8705 §3.4) requesting certificate-bound access tokens independently of the authentication method.

public const string TlsClientCertificateBoundAccessTokens = "tls_client_certificate_bound_access_tokens";

Field Value

System.String

ClientRegistrationRequest.Parameters.TokenEndpointAuthMethod Field

The token_endpoint_auth_method registration parameter selecting the client authentication method used at the token endpoint.

public const string TokenEndpointAuthMethod = "token_endpoint_auth_method";

Field Value

System.String

ClientRegistrationRequest.Parameters.TokenEndpointAuthSigningAlg Field

The token_endpoint_auth_signing_alg registration parameter naming the JWS algorithm used when the client authenticates with a signed JWT assertion.

public const string TokenEndpointAuthSigningAlg = "token_endpoint_auth_signing_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.TokenExchangeAudiences Field

The token_exchange_audiences registration parameter (non-standard extension; RFC 8693 does not standardise it): default-deny per-client allowlist of audience values this client may request when exchanging a token.

public const string TokenExchangeAudiences = "token_exchange_audiences";

Field Value

System.String

ClientRegistrationRequest.Parameters.TokenExchangeSubjectTokenTypes Field

The token_exchange_subject_token_types registration parameter (non-standard extension; RFC 8693 does not standardise it): per-client allowlist of subject_token_type URIs this client may submit to the Token Exchange grant.

public const string TokenExchangeSubjectTokenTypes = "token_exchange_subject_token_types";

Field Value

System.String

ClientRegistrationRequest.Parameters.TosUri Field

The tos_uri registration parameter pointing to the client's terms of service.

public const string TosUri = "tos_uri";

Field Value

System.String

ClientRegistrationRequest.Parameters.UserInfoEncryptedResponseAlg Field

The userinfo_encrypted_response_alg registration parameter naming the JWE key-management algorithm used when encrypting UserInfo responses.

public const string UserInfoEncryptedResponseAlg = "userinfo_encrypted_response_alg";

Field Value

System.String

ClientRegistrationRequest.Parameters.UserInfoEncryptedResponseEnc Field

The userinfo_encrypted_response_enc registration parameter naming the JWE content-encryption algorithm for UserInfo responses.

public const string UserInfoEncryptedResponseEnc = "userinfo_encrypted_response_enc";

Field Value

System.String

ClientRegistrationRequest.Parameters.UserInfoSignedResponseAlg Field

The userinfo_signed_response_alg registration parameter naming the JWS algorithm the OP must use when signing UserInfo responses for this client.

public const string UserInfoSignedResponseAlg = "userinfo_signed_response_alg";

Field Value

System.String