ASVS Requirement 10.2.3

• Level: 3
• Chapter: V10 OAuth and OIDC
• Section: V10.2 OAuth Client
• Source: 0x19-V10-OAuth-and-OIDC.md

Description

Verify that the OAuth client only requests the required scopes (or other authorization parameters) in requests to the authorization server.