This test checks if the device authorization server allows adding (unrecognized) parameters to the request. This can be important to support future extensions of the OAuth 2.0 protocol.
This test is part of the following document(s):
Back to the test case overview or the threat overview