AuthEndpoint.AutomaticRedirectInvalidScope

Are invalid scopes automatically redirected back?

This test checks if the authorization server redirects the user agent back to the redirect URI when an invalid scope is used.

View source code on GitHub

Documents

This test is part of the following document(s):

• OAuth 2.0 Security Best Current Practice (draft 25) (SecBCP), section 4.17 (should)

Back to the test case overview or the threat overview