buildClientAttestationPoPJwt
suspend fun JwsService.buildClientAttestationPoPJwt(clientId: String, audience: String, nonce: String? = null, lifetime: Duration = 10.minutes, clockSkew: Duration = 5.minutes): JwsSigned<JsonWebToken>(source)
Client attestation PoP JWT, issued by the client, which can be sent to an OAuth2 Authorization Server if needed, e.g. as HTTP header OAuth-Client-Attestation-PoP, see OAuth 2.0 Attestation-Based Client Authentication
Parameters
clientId
OAuth 2.0 client ID of the wallet
audience
The RFC8414 issuer identifier URL of the authorization server MUST be used
nonce
optionally provided from the authorization server
lifetime
validity period of the assertion (minus the clockSkew)
clockSkew
duration to subtract from Clock.System.now when setting the creation timestamp