diff --git a/documentation/CAMARA-Security-Interoperability.md b/documentation/CAMARA-Security-Interoperability.md index 28589e8..36f84fd 100644 --- a/documentation/CAMARA-Security-Interoperability.md +++ b/documentation/CAMARA-Security-Interoperability.md @@ -2,36 +2,32 @@ ## Table of Contents -- [CAMARA Security and Interoperability Profile](#camara-security-and-interoperability-profile) - - [Table of Contents](#table-of-contents) - - [Introduction](#introduction) - - [Audience](#audience) - - [Conventions](#conventions) - - [General Considerations](#general-considerations) - - [Transport Security](#transport-security) - - [OIDC Authorization Code Flow](#oidc-authorization-code-flow) - - [Cross-Site Request Forgery Protection](#cross-site-request-forgery-protection) - - [Client-Initiated Backchannel Authentication Flow](#client-initiated-backchannel-authentication-flow) - - [Optional Parameters](#optional-parameters) - - [Authentication Request](#authentication-request) - - [Format of `login_hint`](#format-of-login_hint) - - [Offline Access](#offline-access) - - [Refresh Token Issuance](#refresh-token-issuance) - - [Refresh Token Usage](#refresh-token-usage) - - [Refresh Token Security](#refresh-token-security) - - [Client Credentials Flow](#client-credentials-flow) - - [Handling of acr\_values](#handling-of-acr_values) - - [Access Token Request](#access-token-request) - - [The Scope Parameter](#the-scope-parameter) - - [Missing "openid" scope](#missing-openid-scope) - - [Purpose](#purpose) - - [Purpose as a scope](#purpose-as-a-scope) - - [Outlook on purpose-handling leveraging Rich Authorization Request](#outlook-on-purpose-handling-leveraging-rich-authorization-request) - - [ID Token](#id-token) - - [ID Token sub claim](#id-token-sub-claim) - - [Client Authentication](#client-authentication) - - [OpenId Foundation Certification](#openid-foundation-certification) - - [References](#references) + * [Introduction](#introduction) + * [Audience](#audience) + * [Conventions](#conventions) + * [General Considerations](#general-considerations) + + [Transport Security](#transport-security) + * [OIDC Authorization Code Flow](#oidc-authorization-code-flow) + + [Cross-Site Request Forgery Protection](#cross-site-request-forgery-protection) + * [Client-Initiated Backchannel Authentication Flow](#client-initiated-backchannel-authentication-flow) + + [Optional Parameters](#optional-parameters) + + [Authentication Request](#authentication-request) + * [Format of `login_hint`](#format-of-login_hint) + * [Offline Access](#offline-access) + - [Refresh Token Issuance](#refresh-token-issuance) + + [Refresh Token Usage](#refresh-token-usage) + + [Refresh Token Security](#refresh-token-security) + * [Client Credentials Flow](#client-credentials-flow) + * [Handling of acr_values](#handling-of-acr_values) + * [Access Token Request](#access-token-request) + * [The Scope Parameter](#the-scope-parameter) + * [Missing "openid" scope](#missing-openid-scope) + * [Purpose](#purpose) + * [ID Token](#id-token) + + [ID Token sub claim](#id-token-sub-claim) + * [Client Authentication](#client-authentication) + * [OpenId Foundation Certification](#openid-foundation-certification) + * [References](#references)