Allow sending custom Dpop header during token exchange #651
matthieusieben
started this conversation in
Ideas
Replies: 1 comment 4 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am trying to implement a "token-mediating backend" architecture described here.
In this architecture, the DPoP private key is owned by the browser. As such, it is the browser's responsability to send its DPoP proof while requesting a new token.
In the current implementation,
openid-client
only allows to provide a DPoP private key during thecallback
. It would be usefull to be able to forward a DPoP proof issues by the browser during this exchange (and let the browser retry when it fails).In order to do this, all that is needed is to be able to provide custom headers (
exchangeHeaders
) in the clientgrant()
method, in addition to the already existingexchangeBody
. Would that make sense ?Beta Was this translation helpful? Give feedback.
All reactions