: A new JSON-based parameter used in authorization and token requests.
: Use encrypted or signed tokens (JWTs) if the authorization details contain sensitive transaction data. 4839005059204218ae8e0c51956c63d6.rar
: Update the consent UI to parse the JSON authorization_details and display them in a human-readable format (e.g., "Allow app to pay $50.00 from Account X"). : A new JSON-based parameter used in authorization
: A string identifying the type of authorization (e.g., payment_initiation , account_information ). : A string identifying the type of authorization (e
: Publish these types in your OAuth server metadata so clients know what they can request.
This feature enables clients to specify fine-grained authorization requirements, such as requesting access to specific bank accounts or certain transaction amounts, rather than using broad, pre-defined scopes. 1. Core Components
: Reflect the authorized details in the resulting Access Token or via the Introspection Response for Resource Servers to verify. 3. Security Considerations