This test determines whether the identity token uses keys that are communicated in advance using Discovery and Registration parameters, instead of the JWS x5u, x5c, jku and jwk header claims.
This test is part of the following document(s):
Back to the test case overview or the threat overview