java.lang.Object
- com.nimbusds.oauth2.sdk.id.Identifier
- - com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod

All Implemented Interfaces:

Serializable, Comparable<Identifier>, net.minidev.json.JSONAware
```
@Immutable
public final class ClientAuthenticationMethod
extends Identifier
```
Client authentication method at the Token endpoint.
Constants are provided for four client authentication methods:
Use the constructor to define a custom client authentication method.
Related specifications:
- OAuth 2.0 (RFC 6749), section 2.3.
- OAuth 2.0 Dynamic Client Registration Protocol (RFC 7591), section 2.
- OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens (RFC 8705), section 2.
- OpenID Connect Federation 1.0.
See Also:

Serialized Form

Field Summary

Fields
Modifier and Type	Field	Description
`static ClientAuthenticationMethod`	`CLIENT_SECRET_BASIC`	Clients that have received a client secret from the authorisation server authenticate with the authorisation server in accordance with section 3.2.1 of OAuth 2.0 using HTTP Basic authentication.
`static ClientAuthenticationMethod`	`CLIENT_SECRET_JWT`	Clients that have received a client secret from the authorisation server, create a JWT using an HMAC SHA algorithm, such as HMAC SHA-256.
`static ClientAuthenticationMethod`	`CLIENT_SECRET_POST`	Clients that have received a client secret from the authorisation server authenticate with the authorisation server in accordance with section 3.2.1 of OAuth 2.0 by including the client credentials in the request body.
`static ClientAuthenticationMethod`	`NONE`	The client is a public client as defined in OAuth 2.0 and does not have a client secret.
`static ClientAuthenticationMethod`	`PRIVATE_KEY_JWT`	Clients that have registered a public key sign a JWT using the RSA algorithm if a RSA key was registered or the ECDSA algorithm if an Elliptic Curve key was registered (see JWA for the algorithm identifiers).
`static ClientAuthenticationMethod`	`REQUEST_OBJECT`	Client authentication by means of a request object at the authorisation or PAR endpoints.
`static ClientAuthenticationMethod`	`SELF_SIGNED_TLS_CLIENT_AUTH`	Self-signed certificate mutual TLS OAuth client authentication.
`static ClientAuthenticationMethod`	`TLS_CLIENT_AUTH`	PKI mutual TLS OAuth client authentication.

Fields inherited from class com.nimbusds.oauth2.sdk.id.Identifier
DEFAULT_BYTE_LENGTH, secureRandom

Constructor Summary

Constructors
Constructor Description

ClientAuthenticationMethod(String value)
Creates a new client authentication method with the specified value.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`boolean`	`equals(Object object)`
`static ClientAuthenticationMethod`	`getDefault()`	Gets the default client authentication method.
`static ClientAuthenticationMethod`	`parse(String value)`	Parses a client authentication method from the specified value.

Methods inherited from class com.nimbusds.oauth2.sdk.id.Identifier
compareTo, getValue, hashCode, toJSONString, toString, toStringList

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

- Field Detail
  - CLIENT_SECRET_BASIC
```
public static final ClientAuthenticationMethod CLIENT_SECRET_BASIC
```
    Clients that have received a client secret from the authorisation server authenticate with the authorisation server in accordance with section 3.2.1 of OAuth 2.0 using HTTP Basic authentication. This is the default if no method has been registered for the client.
  - CLIENT_SECRET_POST
```
public static final ClientAuthenticationMethod CLIENT_SECRET_POST
```
    Clients that have received a client secret from the authorisation server authenticate with the authorisation server in accordance with section 3.2.1 of OAuth 2.0 by including the client credentials in the request body.
  - CLIENT_SECRET_JWT
```
public static final ClientAuthenticationMethod CLIENT_SECRET_JWT
```
    Clients that have received a client secret from the authorisation server, create a JWT using an HMAC SHA algorithm, such as HMAC SHA-256. The HMAC (Hash-based Message Authentication Code) is calculated using the value of client secret as the shared key. The client authenticates in accordance with section 2.2 of (JWT) Bearer Token Profiles and OAuth 2.0 Assertion Profile.
  - PRIVATE_KEY_JWT
```
public static final ClientAuthenticationMethod PRIVATE_KEY_JWT
```
    Clients that have registered a public key sign a JWT using the RSA algorithm if a RSA key was registered or the ECDSA algorithm if an Elliptic Curve key was registered (see JWA for the algorithm identifiers). The client authenticates in accordance with section 2.2 of (JWT) Bearer Token Profiles and OAuth 2.0 Assertion Profile.
  - TLS_CLIENT_AUTH
```
public static final ClientAuthenticationMethod TLS_CLIENT_AUTH
```
    PKI mutual TLS OAuth client authentication. See OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens (RFC 8705), section 2.1.
  - SELF_SIGNED_TLS_CLIENT_AUTH
```
public static final ClientAuthenticationMethod SELF_SIGNED_TLS_CLIENT_AUTH
```
    Self-signed certificate mutual TLS OAuth client authentication. See OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens (RFC 8705), section 2.2.
  - REQUEST_OBJECT
```
public static final ClientAuthenticationMethod REQUEST_OBJECT
```
    Client authentication by means of a request object at the authorisation or PAR endpoints. Intended for OpenID Connect Federation 1.0 clients undertaking automatic registration. See OpenID Connect Federation 1.0.
  - NONE
```
public static final ClientAuthenticationMethod NONE
```
    The client is a public client as defined in OAuth 2.0 and does not have a client secret.
- Constructor Detail
  - ClientAuthenticationMethod
```
public ClientAuthenticationMethod(String value)
```
    Creates a new client authentication method with the specified value.
    
    Parameters:
    
    value - The authentication method value. Must not be null or empty string.
- Method Detail
  - getDefault
```
public static ClientAuthenticationMethod getDefault()
```
    Gets the default client authentication method.
    
    Returns:
    
    CLIENT_SECRET_BASIC
  - parse
```
public static ClientAuthenticationMethod parse(String value)
```
    Parses a client authentication method from the specified value.
    
    Parameters:
    
    value - The authentication method value. Must not be null or empty string.
    
    Returns:
    
    The client authentication method.
  - equals
```
public boolean equals(Object object)
```
    Overrides:
    
    equals in class Identifier

Class ClientAuthenticationMethod

Field Summary

Fields inherited from class com.nimbusds.oauth2.sdk.id.Identifier

Constructor Summary

Method Summary

Methods inherited from class com.nimbusds.oauth2.sdk.id.Identifier

Methods inherited from class java.lang.Object

Field Detail

CLIENT_SECRET_BASIC

CLIENT_SECRET_POST

CLIENT_SECRET_JWT

PRIVATE_KEY_JWT

TLS_CLIENT_AUTH

SELF_SIGNED_TLS_CLIENT_AUTH

REQUEST_OBJECT

NONE

Constructor Detail

ClientAuthenticationMethod

Method Detail

getDefault

parse

equals