OIDC Clients must authenticate with the OIDC Provider for the Authorize, Token and Introspect Endpoints. The following authentication scheme is currently supported:
client_secret_basic,
OAuth2 Client Password and HTTP Basic Authentication.The required scheme for any OIDC Client is determined when the OIDC Client is configured at the OIDC Provider.
Support for other authentication schemes like |
OIDC Clients requesting access to Protected Resources must in addition authenticate with Resource Servers using Access Tokens from the OIDC Provider. The autentication requirement for each speficif kind of Resource Server