Remove old Test-IDP |
The old Test-IDP will be removed. |
October 2024 |
|
Remove the endpoint clientinfo_endpoint |
This endpoint gives out metadata about a Client. The endpoint is scarcely used, and the metadata for a Client is readily available in HelseID Selvbetjening. |
October 2024 |
December 2024 |
Remove old amr claim |
The old claim helseid://claims/client/claims/amr will be removed. The information will be replaced by the client_amr claim, which is already in production. |
October 2024 |
December 2024 |
Reject implicit or hybrid flow |
Reject all use of hybrid and implicit flow from clients. |
November 2024 |
January 2025 |
Reject Shared Secret |
Reject all clients attempting to use Shared Secret for client authentication. |
November 2024 |
January 2025 |
PKCE requirement |
All clients with user login not using PKCE in the call to the Authorize endpoint will be rejected at runtime. |
|
March 2025 |
PAR requirement |
All clients with user login not using PAR will be rejected at runtime. |
|
during 2025 |