The list of ACR values requested by the backchannel authentication request.

Basically, this property has the value of the acr_values request parameter in the backchannel authentication request. However, because unsupported ACR values are dropped on Authlete side, if the acr_values request parameter contains unrecognized ACR values, the list this property has becomes different from the value of the acr_values request parameter.

The next action that the service implementation should take.

The authorization details. This represents the value of the authorization_details request parameter which is defined in "OAuth 2.0 Rich Authorization Requests".

The binding message included in the backchannel authentication request. It is the value of the binding_message request parameter.

Arbitrary attributes associated with the client.

The client authentication method that should be performed at the token endpoint.

If the client could not be identified by the information in the request, this property is unset.

The client ID.

The client ID alias.

If the client did not have an alias, the value of this property is unset.

The flag which indicates whether the client ID alias was used when the token request was made.

The name of the client application which has made the backchannel authentication request.

The names of the claims which were requested indirectly via some special scopes. See 5.4. Requesting Claims using Scope Values in OpenID Connect Core 1.0 for details.

The client notification token included in the backchannel authentication request. It is the value of the client_notification_token request parameter.

When the backchannel token delivery mode is "ping" or "push", the backchannel authentication request must include a client notification token.

The backchannel token delivery mode of the client application.

The dynamic scopes which the client application requested by the scope request parameter. See the description of DynamicScope for details.

The value of the hint for end-user identification.

When hintType has UserIdentificationHintType.ID_TOKEN_HINT ID_TOKEN_HINT, this property has the value of the id_token_hint request parameter. Likewise, this property has the value of the login_hint request parameter when hintType has UserIdentificationHintType.LOGIN_HINT, or has the value of the login_hint_token request parameter when hintType has UserIdentificationHintType.LOGIN_HINT_TOKEN.

The type of the hint for end-user identification which was included in the backchannel authentication request.

When the backchannel authentication request contains id_token_hint, this property has UserIdentificationHintType.ID_TOKEN_HINT. Likewise, this property has UserIdentificationHintType.LOGIN_HINT LOGIN_HINT when the request contains login_hint, or has UserIdentificationHintType.LOGIN_HINT_TOKEN when the request contains login_hint_token.

Note that a backchannel authentication request must include one and only one hint among id_token_hint, login_hint and login_hint_token.

The request context of the backchannel authentication request. It is the value of the request_context claim in the signed authentication request and its format is JSON. request_context is a new claim added by the FAPI-CIBA profile.

This property has null if the backchannel authentication request does not include a request request parameter or the JWT specified by the request parameter does not include a request_context claim.

The requested expiry for the authentication request ID (auth_req_id). It is the value of the requested_expiry request parameter.

The resources specified by the resource request parameters or by the resource property in the request object. If both are given, the values in the request object take precedence.

See "Resource Indicators for OAuth 2.0" for details.

The response content which can be used as the entity body of the response returned to the client application.

The scopes requested by the backchannel authentication request.

Basically, this property holds the value of the scope request parameter in the backchannel authentication request. However, because unregistered scopes are dropped on Authlete side, if the scope request parameter contains unknown scopes, the list this property has becomes different from the value of the scope request parameter.

Note that Scope.description and Scope.descriptions property of each element (Scope instance) in the array this property has is always set to null even if descriptions of the scopes are registered.

Arbitrary attributes associated with the service.

The value of the sub claim contained in the ID token hint included in the backchannel authentication request.

This property has a value only when the backchannel authentication request contains the id_token_hint request parameter.

The ticket that is necessary for the implementation of the backchannel authentication endpoint to call /backchannel/authentication/* API.

The user code included in the backchannel authentication request. It is the value of the user_code request parameter.

The flag which indicates whether a user code is required.

This property has true when both the backchannel_user_code_parameter metadata of the client (= Client's bcUserCodeRequired property) and the backchannel_user_code_parameter_supported metadata of the service (= Service.backchannelUserCodeParameterSupported) are true.

The warnings raised during processing the backchannel authentication request.