ASVS Requirement 10.4.10

• Level: 2
• Chapter: V10 OAuth and OIDC
• Section: V10.4 OAuth Authorization Server
• Source: 0x19-V10-OAuth-and-OIDC.md

Description

Verify that confidential client is authenticated for client-to-authorized server backchannel requests such as token requests, pushed authorization requests (PAR), and token revocation requests.