TokenEndpoint.ClientKeySecure

Is the asymmetric client authentication key secure

This test checks if the asymmetric client authentication key secure. A key must be 2048 bits or larger for RSA or 160 bits or larger for ECDSA.

View source code on GitHub

Documents

This test is part of the following document(s):

• Financial-grade API Security Profile (FAPI) 1.0 – Part 1: Baseline (FAPI1Base), section 5.2.2 (must)

Back to the test case overview or the threat overview