Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
token-exchange
Describe the bug
The OIDC well-known endpoint correctly returns the grant type `urn:ietf:params:oauth:grant-type:token-exchange` when the `token-exchange` feature is enabled (which is `token-exchange:v1`). That is correct. But this grant type is not returned when the `token-exchange-standard` feature is enabled (new token exchange), which is incorrect.
I figured out that `urn:ietf:params:oauth:grant-type:uma-ticket` is also not included in the well-known endpoint, but it should be.
The cause is that the list of supported grant types is hardcoded. It would be better if it were dynamically retrieved from the available implementations of the `OAuth2GrantType` provider. That would make it possible to add custom grant type implementations deployed by customers.
Version
nightly (from 2025-02-20)
Regression
- The issue is a regression
Expected behavior
Grant type `urn:ietf:params:oauth:grant-type:token-exchange` is available in the claim `grant_types_supported` if the `token-exchange-standard` feature is enabled.
Actual behavior
Grant type `urn:ietf:params:oauth:grant-type:token-exchange` is not available in the claim `grant_types_supported` if the `token-exchange-standard` feature is enabled.
How to Reproduce?
See above
Anything else?
No response