ASVS Requirement 10.4.13
- Level: 3
- Chapter: V10 OAuth and OIDC
- Section: V10.4 OAuth Authorization Server
- Source: 0x19-V10-OAuth-and-OIDC.md
Description
Verify that grant type 'code' is always used together with pushed authorization requests (PAR).
Verify that grant type 'code' is always used together with pushed authorization requests (PAR).