3.1.5.3.1 Request

In response to the server's challenge, as specified in section 3.2.5.2, the client responds to the server by making an HTTP request to the server as follows.

HTTP Request parameter

Value

Method

The same method as the request that was made to the service URL that responded with the challenge (from section 3.1.5.1.1)

URL

The same URL as the service URL that responded with the challenge (from section 3.1.5.1.1)

Header: "Authorization"

PKeyAuth  AuthToken="<Signed-JWT>", Context="[Thumbprint based certificate challenge].ServerContext"

Signed-JWT: A Client Token (section 2.2.1.1) that was generated and signed using JWS, as specified in the processing details (section 3.1.5.3.3).