Update draft-parecki-oauth-client-id-metadata-document.md

aaronpk · ThisIsMissEm · web-flow · commit 555284706264 · 2025-11-06T19:47:35.000-08:00
Co-authored-by: Emelia Smith &lt;ThisIsMissEm@users.noreply.github.com&gt;
diff --git a/draft-parecki-oauth-client-id-metadata-document.md b/draft-parecki-oauth-client-id-metadata-document.md
@@ -151,8 +151,7 @@ the client to the user in an authorization consent screen, for example the
 client name and logo.
 
 The authorization server SHOULD fetch the document indicated by the `client_id`
-to retrieve the client registration information. The authorization server
-MUST NOT follow HTTP redirects when fetching the Client Metadata.
+to retrieve the client registration information. A successful response MUST use the 200 OK HTTP status code and return a JSON object using the `application/json` or `application/<AS-defined>+json` content type. The authorization server MUST treat all other HTTP status codes and content types as an error response. The authorization server MUST NOT automatically follow redirects given via the Location header in responses.
 
 ## Client Metadata
 
