Merge pull request #5626 from Aeshan-Rosa/feature/add-oidc-dcr-guide-7x

Author: himeshsiriwardana

en/asgardeo/docs/guides/authentication/oidc/oauth-dynamic-client-registration.md

@@ -0,0 +1 @@
+{% include "../../../../../includes/guides/authentication/oidc/oauth-dynamic-client-registration.md" %}

en/asgardeo/mkdocs.yml

@@ -335,6 +335,7 @@ nav:
           - Configure OIDC flows:
             - Configure OIDC flows: guides/authentication/oidc/index.md
             - Discover OIDC endpoints: guides/authentication/oidc/discover-oidc-configs.md
+            - Dynamic Client Registration (DCR): guides/authentication/oidc/oauth-dynamic-client-registration.md
             - Implement login using the Authorization Code flow: guides/authentication/oidc/implement-auth-code.md
             - Implement login using the Authorization Code flow and PKCE: guides/authentication/oidc/implement-auth-code-with-pkce.md
             - Implement private key JWT client authentication: guides/authentication/oidc/private-key-jwt-client-auth.md

en/identity-server/7.0.0/docs/guides/authentication/oidc/oauth-dynamic-client-registration.md

@@ -0,0 +1 @@
+{% include "../../../../../../includes/guides/authentication/oidc/oauth-dynamic-client-registration.md" %}

en/identity-server/7.0.0/mkdocs.yml

@@ -549,6 +549,7 @@ nav:
           - Configure OIDC flows:
             - Configure OIDC flows: guides/authentication/oidc/index.md
             - Discover OIDC endpoints: guides/authentication/oidc/discover-oidc-configs.md
+            - Dynamic Client Registration (DCR): guides/authentication/oidc/oauth-dynamic-client-registration.md
             - Implement login using the Authorization Code flow: guides/authentication/oidc/implement-auth-code.md
             - Implement login using the Authorization Code flow and PKCE: guides/authentication/oidc/implement-auth-code-with-pkce.md
             - Implement private key JWT client authentication for OIDC: guides/authentication/oidc/private-key-jwt-client-auth.md

en/identity-server/7.1.0/docs/guides/authentication/oidc/oauth-dynamic-client-registration.md

@@ -0,0 +1 @@
+{% include "../../../../../../includes/guides/authentication/oidc/oauth-dynamic-client-registration.md" %}

en/identity-server/7.1.0/mkdocs.yml

@@ -579,6 +579,7 @@ nav:
           - Configure OIDC flows:
               - Configure OIDC flows: guides/authentication/oidc/index.md
               - Discover OIDC endpoints: guides/authentication/oidc/discover-oidc-configs.md
+              - Dynamic Client Registration (DCR): guides/authentication/oidc/oauth-dynamic-client-registration.md
               - Implement login using the Authorization Code flow: guides/authentication/oidc/implement-auth-code.md
               - Implement login using the Authorization Code flow and PKCE: guides/authentication/oidc/implement-auth-code-with-pkce.md
               - Implement private key JWT client authentication for OIDC: guides/authentication/oidc/private-key-jwt-client-auth.md

en/identity-server/next/docs/guides/authentication/oidc/oauth-dynamic-client-registration.md

@@ -0,0 +1 @@
+{% include "../../../../../../includes/guides/authentication/oidc/oauth-dynamic-client-registration.md" %}

en/identity-server/next/mkdocs.yml

@@ -591,6 +591,7 @@ nav:
           - Configure OIDC flows:
             - Configure OIDC flows: guides/authentication/oidc/index.md
             - Discover OIDC endpoints: guides/authentication/oidc/discover-oidc-configs.md
+            - Dynamic Client Registration (DCR): guides/authentication/oidc/oauth-dynamic-client-registration.md
             - Implement login using the Authorization Code flow: guides/authentication/oidc/implement-auth-code.md
             - Implement login using the Authorization Code flow and PKCE: guides/authentication/oidc/implement-auth-code-with-pkce.md
             - Implement private key JWT client authentication for OIDC: guides/authentication/oidc/private-key-jwt-client-auth.md

en/includes/guides/authentication/oidc/oauth-dynamic-client-registration.md

@@ -0,0 +1,43 @@
+# OpenID Connect Dynamic Client Registration
+
+This extension provides a mechanism to register clients with the authorization server dynamically or programmatically. 
+ 
+## How does it work? 
+
+To register a new client at the authorization server:
+
+1. Client discovers the client registration endpoint. The registration endpoint URL is discoverable via WebFinger.
+   For more information on discovering the client registration endpoint, see [OpenID Connect Discovery](discovery.md).
+   
+2. Client sends an HTTP POST message to the client registration endpoint with client metadata parameters that the client
+   chooses to specify for itself during the registration.
+   
+3. The authorization server assigns an unique client identifier (client ID) and optionally, a client secret.
+
+4. The authorization server associates the metadata given in the request with the issued client ID.
+
+---
+
+## DCR vs DCRM
+
+### What is DCR (Dynamic Client Registration)?
+
+Dynamic Client Registration is a protocol that allows OAuth clients to register applications in an authorization server.
+Before this mechanism was introduced to the [specification](https://tools.ietf.org/html/rfc7591) the client registration
+happened manually. With this implementation, client registration can be done in two ways.
+
+- A client can be registered dynamically with the authorization server itself
+- A programmer can register a client programmatically
+
+
+### What is DCRM (Dynamic Client Registration Management)?
+
+DCRM is an extension to the DCR, introduced from [this specification](https://tools.ietf.org/html/rfc7592). 
+The main functionalities specified are:
+
+- Current registration state of a client (Client Read Request)
+- Update request to an already registered client (Client Update Request)
+- Delete request to an already registered client (Client Delete Request)
+
+!!! info "Related topics"
+        - [API: OpenID Connect Dynamic Client Registration]({{base_path}}/apis/use-the-openid-connect-dynamic-client-registration-rest-apis)