Overview
Registration_endpoint is an Endpoint that allows new OAuth Clients to dynamically register with the Connect Authorization Server using the OAuth 2.0 Dynamic Client Registration Protocol.
The OAuth Client Registration_endpoint is an OAuth 2.0 Endpoint defined in RFC 7591 that is designed to allow an OAuth Client to be registered with the Authorization Server. The client Registration_endpoint MUST accept HTTP POST messages with request parameters encoded in the entity body using the "application/json" format. The client Registration_endpoint MUST be protected by a Transport Layer Security mechanism, as described in Section 5 of RFC 7591.
The OAuth Client registration endpoint MAY be an OAuth 2.0 (RFC 6749) protected Resource, and it MAY accept an initial Access Token in the form of an OAuth 2.0 Access Token to limit registration to only previously authorized parties. The method by which the initial Access Token is obtained by the OAuth Client or developer is generally out of band and is out of scope for this specification. The method by which the initial Access Token is verified and validated by the client Registration_endpoint is also out of scope for this specification.
To support open registration and facilitate wider interoperability, the OAuth Client registration endpoint SHOULD allow registration requests with no authorization (which is to say, with no initial access token in the request). These requests MAY be rate-limited or otherwise limited to prevent a denial-of-service attack on the client Registration_endpoint.
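The following sketch is an added example, not code from RFC 7591 or from any particular Authorization Server. It shows one way a server could gate registration requests according to the rules above: TLS only, HTTP POST, an "application/json" body, an optional initial Access Token, and rate limiting of open (unauthenticated) requests. The function name, token store, limits, lower-cased header keys and the status and label choices other than `invalid_token` and `invalid_client_metadata` are assumptions.

```python
import hmac
import json
import time
from collections import defaultdict, deque

# Constructed values for this example (assumptions, not from RFC 7591).
INITIAL_ACCESS_TOKENS = {"example-initial-token"}
OPEN_LIMIT, WINDOW_SECONDS = 3, 60.0
_recent = defaultdict(deque)  # client IP -> timestamps of open registrations


def _token_ok(presented):
    # Constant-time comparison against each provisioned initial Access Token.
    return any(hmac.compare_digest(presented.encode(), t.encode())
               for t in INITIAL_ACCESS_TOKENS)


def _rate_limited(ip, now):
    # Sliding window: allow OPEN_LIMIT open registrations per IP per window.
    q = _recent[ip]
    while q and now - q[0] >= WINDOW_SECONDS:
        q.popleft()
    if len(q) >= OPEN_LIMIT:
        return True
    q.append(now)
    return False


def check_registration(method, scheme, headers, body, ip, now=None):
    """Return (http_status, error label or None); header keys are lower-case."""
    now = time.monotonic() if now is None else now
    if scheme != "https":
        return 400, "tls_required"            # hypothetical label
    if method != "POST":
        return 405, "method_not_allowed"      # hypothetical label
    ctype = headers.get("content-type", "").split(";")[0].strip().lower()
    if ctype != "application/json":
        return 415, "unsupported_media_type"  # hypothetical label
    auth = headers.get("authorization")
    if auth is not None:  # protected registration: token must verify
        kind, _, token = auth.partition(" ")
        if kind.lower() != "bearer" or not _token_ok(token.strip()):
            return 401, "invalid_token"
    elif _rate_limited(ip, now):  # open registration: throttle per source
        return 429, "rate_limited"            # hypothetical label
    try:
        metadata = json.loads(body)
    except ValueError:
        return 400, "invalid_client_metadata"
    if not isinstance(metadata, dict):
        return 400, "invalid_client_metadata"
    return 201, None
```

A request that presents a token is never downgraded to open registration when the token fails verification; it is rejected outright.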