Help get this topic noticed by sharing it on Twitter, Facebook, or email.

How should we pass client id & secret in the header?

I was looking into Authroization code flow documented on http://connect2id.com/learn/openid-co....
Curious to know if there is any standard defined regarding "how should an external application send client ID & secret as part of the Authorization header". I mean, should it be the base64 of "client_id=1&client_secret=23434" or "1/23434" or {client_id=1;client_secret=23434}.

Thanks.
Rajesh
1 person has
this question
+1
Reply