Kind of the application.

Name of the Client to be presented to the End-User.

URL that references a logo for the Client application.

URL of the home page of the Client.

URL that the Relying Party Client provides to the End-User to read
about the how the profile data will be used.

URL that the Relying Party Client provides to the End-User to read
about the Relying Party's terms of service.

URL for the Client's JSON Web Key Set document.

URL using the https scheme to be used in calculating Pseudonymous
Identifiers by the OIDC Provider. It is not supported by this implementation
since it only support public subject_type.

subject_type requested for responses to this Client.

JWS "alg" algorithm REQUIRED for signing the ID Token issued to this Client.

JWE "alg" algorithm REQUIRED for encrypting the ID Token issued to this Client.

JWE "enc" algorithm REQUIRED for encrypting the ID Token issued to this Client.

JWS "alg" algorithm REQUIRED for signing UserInfo Responses

JWE "alg" algorithm REQUIRED for encrypting UserInfo Responses

JWE "enc" algorithm REQUIRED for encrypting UserInfo Responses

JWS "alg" algorithm that MUST be used for signing Request Objects
sent to the OIDC Provider

JWE "alg" algorithm the Relying Party is declaring that it may use
for encrypting Request Objects sent to the OIDC Provider

JWE "enc" algorithm the Relying Party is declaring that it may use
for encrypting Request Objects sent to the OIDC Provider

Requested Client Authentication method for the Token Endpoint

JWS "alg" algorithm that MUST be used for signing the JWT used to
authenticate the Client at the Token Endpoint for the private_key_jwt
authentication method.

URI using the https scheme that a third party can use to initiate
a login by the Relying Party

Space-delimited string containing list of scope values that the client
can use when requesting access tokens.

Expected subject distinguished name of the certificate that the
client will use in mutual-TLS authentication.

Expected DNS Name SAN entry in the certificate that the client
will use in mutual-TLS authentication.

Expected RFC822 Name SAN entry in the certificate that the client
will use in mutual-TLS authentication.

Expected IP Address SAN entry in the certificate that the client
will use in mutual-TLS authentication.

Expected Uniform Resource Identifier (URI) SAN entry in the
certificate that the client will use in mutual-TLS authentication

Method of delivering the tokens after a successful user authentication.

The endpoint to which the OIDC Provider will post a notification
after a successful or failed end-user authentication. Required if the
token delivery mode is set to "ping".

A unique identifier string assigned by the client developer or software
publisher used by registration endpoints to identify the client software to
be dynamically registered. The value of this field is not intended to be
human readable and is usually opaque to the client and authorization server.

A version identifier string for the client software identified by
"software_id". The value of the "software_version" SHOULD change
on any update to the client software identified by the same "software_id".

A software statement is a JSON Web Token (JWT) that asserts metadata values about
the client software as a bundle. All the properties above can be specified in
a software statement. When presented to the authorization server as part of a
client registration request, the software statement MUST be digitally signed
and MUST contain an "iss" (issuer) claim denoting the party attesting to the
claims in the software statement. Client metadata values conveyed in the
software statement will take precedence over those conveyed using plain JSON elements.
When using Dynamic Client Registration for FAPI specification, the software statement
is generated by regulatory body and there are certain rules to follow.

MTLS Client Certificate

Generated from available request content types