AuthEndpoint.AutomaticRedirectInvalidResponseType

Are invalid response types automatically redirected back?

This test checks if the authorization server redirects the user agent back to the redirect URI when an invalid response type is used.

View source code on GitHub

Documents

This test is part of the following document(s):

• OAuth 2.0 Security Best Current Practice (draft 25) (SecBCP), section 4.17 (should)

Back to the test case overview or the threat overview