ASVS Requirement 10.7.1

• Level: 2
• Chapter: V10 OAuth and OIDC
• Section: V10.7 Consent Management
• Source: 0x19-V10-OAuth-and-OIDC.md

Description

Verify that the authorization server ensures that the user consents to each authorization request. If the identity of the client cannot be assured, the authorization server must always explicitly prompt the user for consent.