Added and updated servers in specs and examples

Addresses: ConsumerDataStandardsAustralia/standards-maintenance#663 (comment)
ConsumerDataStandardsAustralia · Oct 31, 2024 · fac1892 · fac1892
1 parent aa73afe
commit fac1892
Show file tree

Hide file tree

Showing 24 changed files with 263 additions and 159 deletions.
diff --git a/slate/source/includes/introduction/_intro.md b/slate/source/includes/introduction/_intro.md
@@ -11,8 +11,9 @@ The standards are required to be published. The obligations on CDR participants
 
 Some of these standards will be binding data standards under the Competition and Consumer (Consumer Data Right) Data Standards (No. 1) 2023. See that instrument [here](https://consumerdatastandards.gov.au/sites/consumerdatastandards.gov.au/files/2023-02/Competition%20and%20Consumer%20%28Consumer%20Data%20Right%29%20Data%20Standards%20%28No.%201%29%202023%20executed.pdf). In summary, provisions of these standards (as they exist from time to time) that impose obligations or prohibitions on CDR entities are binding data standards. Provisions included in these standards merely by way of guidance are not binding data standards.
 
-
-
+```diff
+Added and updated servers in all specs and updated host examples
+```
 
 ## Version
 These standards represent version 1.33.0 of the high level standards.  See the [versioning section](#versioning) for more information on how versions are managed in the standard.

diff --git a/slate/source/includes/releasenotes/releasenotes.1.33.0.html.md b/slate/source/includes/releasenotes/releasenotes.1.33.0.html.md
@@ -21,7 +21,7 @@ This release addresses the following minor defects raised on [Standards Staging]
 
 This release addresses the following change requests raised on [Standards Maintenance](https://github.com/ConsumerDataStandardsAustralia/standards-maintenance/issues):
 
-- [Standards Maintenance #XXX - Title](https://github.com/ConsumerDataStandardsAustralia/standards-maintenance/issues/XXX)
+- [Standards Maintenance #663 - Maintenance Iteration 21 Holistic Feedback](https://github.com/ConsumerDataStandardsAustralia/standards-maintenance/issues/663)
 
 
 ### Decision Proposals
@@ -34,7 +34,7 @@ This release addresses the following Decision Proposals published on [Standards]
 |Change|Description|Link|
 |------|-----------|----|
 | Change summary | [**Standards Staging #XXX**](https://github.com/ConsumerDataStandardsAustralia/standards-staging/issues/XXX): Change detail | [Standards section](../../#section)
-| Change summary | [**Standards Maintenance #XXX**](https://github.com/ConsumerDataStandardsAustralia/standards-maintenance/issues/XXX): Change detail | [Standards section](../../#section)
+| Updated servers in specs | [**Standards Maintenance #663**](https://github.com/ConsumerDataStandardsAustralia/standards-maintenance/issues/663): Added and updated servers in all specs and updated hosts in examples | [Examples throughout](../../?examples#introduction)
 | Change summary | [**Decision Proposal #XXX**](https://github.com/ConsumerDataStandardsAustralia/standards/issues/XXX): Change detail | [Standards section](../../#section)
 
 

diff --git a/slate/source/includes/security/_client_authentication.md b/slate/source/includes/security/_client_authentication.md
@@ -19,7 +19,7 @@ The following authentication methods are supported:
 
 ```
 POST /token HTTP/1.1
-Host: www.holder.com.au
+Host: mtls.dh.example.com
 Content-Type: application/x-www-form-urlencoded
 
 grant_type=client_credentials&
@@ -39,7 +39,7 @@ grant_type=client_credentials&
   "sub": "5ntwEOpMdPxxy49Gt28SXWY6j3aflCP2",
   "iat": 1516239022,
   "exp": 1516239322,
-  "aud": "https://www.holder.com.au/token",
+  "aud": "https://mtls.dh.example.com/token",
   "jti": "37747cd1-c105-4569-9f75-4adf28b73e31"
 }
 ```
@@ -72,8 +72,8 @@ Authorisation Servers supporting `private_key_jwt` Client Authentication of clie
 > Self-signed JWT Client Authentication Non-Normative Example - CDR Register calls the Data holder's Get Metrics end point using self-signed JWT Client Authentication (note that the “aud” claim represents the AdminBaseUri as defined in CDR Register Participant Endpoints).
 
 ```
-GET https://admin.data.holder.com.au/cds-au/v1/admin/metrics HTTP:/1.1
-Host: admin.data.holder.com.au
+GET https://mtls.dh.example.com/cds-au/v1/admin/metrics HTTP:/1.1
+Host: mtls.dh.example.com
 x-v: string
 x-min-v: string
 Authorization: Bearer eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjEyNDU2In0.ey ...
@@ -87,7 +87,7 @@ Authorization: Bearer eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjEyNDU2In0.ey
 {
    "iss":"cdr-register",
    "sub":"cdr-register",
-   "aud":"https://admin.data.holder.com.au",
+   "aud":"https://mtls.dh.example.com",
    "iat":1516239022,
    "exp":1516239322,
    "jti":"32358102-a44f-43cc-ad7c-42443d01507a"
@@ -141,8 +141,8 @@ If the Data Holder supports the [Self-signed JWT Client Authentication](#self-si
 > Non-Normative Example - Data Holder calls the Data Recipient Software Product's CDR Arrangement Revocation end point (note that the "aud" claim is "resource path" to the revocation end point).
 
 ```
-POST https://data.recipient.com.au/arrangements/revoke HTTP/1.1
-Host: data.recipient.com.au
+POST https://adr.example.com/arrangements/revoke HTTP/1.1
+Host: adr.example.com
 Content-Type: application/x-www-form-urlencoded
 Authorization: Bearer eyJhbGciOiJQUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjEyNDU2In0.ey …
 
@@ -157,7 +157,7 @@ cdr_arrangement_jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImtpZCI6IjEyNDU2In0.ey .
 {
    "iss":"dataholderbrand-123",
    "sub":"dataholderbrand-123",
-   "aud":"https://data.recipient.com.au/arrangements/revoke",
+   "aud":"https://adr.example.com/arrangements/revoke",
    "iat":1516239022,
    "exp":1516239322,
    "jti":"dba86502-7cf5-4719-9638-c5339a0ddb06"
@@ -170,12 +170,12 @@ This example uses PKCE to send the code_verifier which was previously encrypted
 
 ```
 POST /token HTTP/1.1
-Host: www.holder.com.au
+Host: mtls.dh.example.com
 Content-Type: application/x-www-form-urlencoded
 
 grant_type=authorization_code&
   code=i1WsRn1uB1&
-  redirect_uri=https%3A%2F%2Fwww.recipient.com.au%2Fcoolstuff&
+  redirect_uri=https%3A%2F%2Fadr.example.com%2Fredirects%2Fredirect1&
   client_id=s6BhdRkqt3&
   code_verifier=4d9213fb-d68b-49d1-a2c9-486e5a0b4e14&
   client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&
@@ -192,7 +192,7 @@ grant_type=authorization_code&
   "sub": "s6BhdRkqt3",
   "iat": 1516239022,
   "exp": 1516239322,
-  "aud": "https://www.holder.com.au/token",
+  "aud": "https://mtls.dh.example.com/token",
   "jti": "37747cd1-c105-4569-9f75-4adf28b73e31"
 }
 ```

diff --git a/slate/source/includes/security/_client_registration.md.erb b/slate/source/includes/security/_client_registration.md.erb
@@ -29,7 +29,7 @@ Example SSA:
 
 
 ```
-eyJhbGciOiJQUzI1NiIsImtpZCI6ImI4ZmFjZjJmZjM5NDQ0Zjc4MWUwYmU1ZGI0YjE0ZjE2IiwidHlwIjoiSldUIn0.eyJpc3MiOiJjZHItcmVnaXN0ZXIiLCJpYXQiOjE1NzE4MDgxMTEsImV4cCI6MjE0NzQ4MzY0NiwianRpIjoiM2JjMjA1YTFlYmM5NDNmYmI2MjRiMTRmY2IyNDExOTYiLCJjbGllbnRfbmFtZSI6Ik1vY2sgU29mdHdhcmUiLCJjbGllbnRfZGVzY3JpcHRpb24iOiJBIG1vY2sgc29mdHdhcmUgcHJvZHVjdCIsImNsaWVudF91cmkiOiJodHRwczovL3d3dy5tb2NrY29tcGFueS5jb20uYXUiLCJsZWdhbF9lbnRpdHlfaWQiOiIzQjBCMEE3Qi0zRTdCLTRBMkMtOTQ5Ny1FMzU3QTcxRDA3QzciLCJsZWdhbF9lbnRpdHlfbmFtZSI6Ik1vY2sgQ29tcGFueSBQdHkgTHRkLiIsIm9yZ19pZCI6IjNCMEIwQTdCLTNFN0ItNEEyQy05NDk3LUUzNTdBNzFEMDdDOCIsIm9yZ19uYW1lIjoiTW9jayBDb21wYW55IEJyYW5kIiwicmVkaXJlY3RfdXJpcyI6WyJodHRwczovL3d3dy5tb2NrY29tcGFueS5jb20uYXUvcmVkaXJlY3RzL3JlZGlyZWN0MSIsImh0dHBzOi8vd3d3Lm1vY2tjb21wYW55LmNvbS5hdS9yZWRpcmVjdHMvcmVkaXJlY3QyIl0sInNlY3Rvcl9pZGVudGlmaWVyX3VyaSI6Imh0dHBzOi8vd3d3Lm1vY2tjb21wYW55LmNvbS5hdS9zZWN0b3JfaWRlbnRpZmllci5qc29uIiwibG9nb191cmkiOiJodHRwczovL3d3dy5tb2NrY29tcGFueS5jb20uYXUvbG9nb3MvbG9nbzEucG5nIiwidG9zX3VyaSI6Imh0dHBzOi8vd3d3Lm1vY2tjb21wYW55LmNvbS5hdS90b3MuaHRtbCIsInBvbGljeV91cmkiOiJodHRwczovL3d3dy5tb2NrY29tcGFueS5jb20uYXUvcG9saWN5Lmh0bWwiLCJqd2tzX3VyaSI6Imh0dHBzOi8vd3d3Lm1vY2tjb21wYW55LmNvbS5hdS9qd2tzIiwicmV2b2NhdGlvbl91cmkiOiJodHRwczovL3d3dy5tb2NrY29tcGFueS5jb20uYXUvcmV2b2NhdGlvbiIsInJlY2lwaWVudF9iYXNlX3VyaSI6Imh0dHBzOi8vd3d3Lm1vY2tjb21wYW55LmNvbS5hdSIsInNvZnR3YXJlX2lkIjoiNzQwQzM2OEYtRUNGOS00RDI5LUEyRUEtMDUxNEE2NkIwQ0RFIiwic29mdHdhcmVfcm9sZXMiOiJkYXRhLXJlY2lwaWVudC1zb2Z0d2FyZS1wcm9kdWN0Iiwic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBiYW5rOmFjY291bnRzLmJhc2ljOnJlYWQgYmFuazphY2NvdW50cy5kZXRhaWw6cmVhZCBiYW5rOnRyYW5zYWN0aW9uczpyZWFkIGJhbms6cGF5ZWVzOnJlYWQgYmFuazpyZWd1bGFyX3BheW1lbnRzOnJlYWQgZW5lcmd5OmVsZWN0cmljaXR5LnNlcnZpY2Vwb2ludHMuYmFzaWM6cmVhZCBlbmVyZ3k6ZWxlY3RyaWNpdHkuc2VydmljZXBvaW50cy5kZXRhaWw6cmVhZCBlbmVyZ3k6ZWxlY3RyaWNpdHkudXNhZ2U6cmVhZCBlbmVyZ3k6ZWxlY3RyaWNpdHkuZGVyOnJlYWQgZW5lcmd5OmFjY291bnRzLmJhc2ljOnJlYWQgZW5lcmd5OmFjY291bnRzLmRldGFpbDpyZWFkIGVuZXJneTphY2NvdW50cy5wYXltZW50c2NoZWR1bGU6cmVhZCBlbmVyZ3k6YWNjb3VudHMuY29uY2Vzc2lvbnM6cmVhZCBlbmVyZ3k6YmlsbGluZzpyZWFkIGNvbW1vbjpjdXN0b21lci5iYXNpYzpyZWFkIGNvbW1vbjpjdXN0b21lci5kZXRhaWw6cmVhZCBjZHI6cmVnaXN0cmF0aW9uIn0.XTSst96xOifAnaMaBj0I5nO5vbtNwvz304hJ9I_jPOcdD6vitmLiyWdkdW5GKA4JAa62_DmRIU_3zXQL0gSSJxoWhCSbuIlfwDtXFpFZzQAnTv-hOul-5clYmXvQqqEqWvbZZ4g7IKdWdROp4fzWFXB0VKf-_qzue_Kksy3A9CwdZRmNMDFtIApkSULqxK3S8D2nFa3lvGzegl76Ji7p0Zjkyu8YexFyKCahTEGzQrRQeVILpaN107XHNlSWlhsv4hr1PXwG2Pn1z54SCG9tVOZ10WaqZ5SMjRqsQN-lVYSVe5BCTpQ-N_GnYuUeWh0rOJ9CrA8CUN_twCJXyW3I5w
+eyJhbGciOiJQUzI1NiIsImtpZCI6ImI4ZmFjZjJmZjM5NDQ0Zjc4MWUwYmU1ZGI0YjE0ZjE2IiwidHlwIjoiSldUIn0.eyJpc3MiOiJjZHItcmVnaXN0ZXIiLCJpYXQiOjE1NzE4MDgxMTEsImV4cCI6MjE0NzQ4MzY0NiwianRpIjoiM2JjMjA1YTFlYmM5NDNmYmI2MjRiMTRmY2IyNDExOTYiLCJjbGllbnRfbmFtZSI6Ik1vY2sgU29mdHdhcmUiLCJjbGllbnRfZGVzY3JpcHRpb24iOiJBIG1vY2sgc29mdHdhcmUgcHJvZHVjdCIsImNsaWVudF91cmkiOiJodHRwczovL2Fkci5leGFtcGxlLmNvbSIsImxlZ2FsX2VudGl0eV9pZCI6IjNCMEIwQTdCLTNFN0ItNEEyQy05NDk3LUUzNTdBNzFEMDdDNyIsImxlZ2FsX2VudGl0eV9uYW1lIjoiTW9jayBDb21wYW55IFB0eSBMdGQuIiwib3JnX2lkIjoiM0IwQjBBN0ItM0U3Qi00QTJDLTk0OTctRTM1N0E3MUQwN0M4Iiwib3JnX25hbWUiOiJNb2NrIENvbXBhbnkgQnJhbmQiLCJyZWRpcmVjdF91cmlzIjpbImh0dHBzOi8vYWRyLmV4YW1wbGUuY29tL3JlZGlyZWN0cy9yZWRpcmVjdDEiLCJodHRwczovL2Fkci5leGFtcGxlLmNvbS9yZWRpcmVjdHMvcmVkaXJlY3QyIl0sInNlY3Rvcl9pZGVudGlmaWVyX3VyaSI6Imh0dHBzOi8vYWRyLmV4YW1wbGUuY29tL3NlY3Rvcl9pZGVudGlmaWVyLmpzb24iLCJsb2dvX3VyaSI6Imh0dHBzOi8vYWRyLmV4YW1wbGUuY29tL2xvZ29zL2xvZ28xLnBuZyIsInRvc191cmkiOiJodHRwczovL2Fkci5leGFtcGxlLmNvbS90b3MuaHRtbCIsInBvbGljeV91cmkiOiJodHRwczovL2Fkci5leGFtcGxlLmNvbS9wb2xpY3kuaHRtbCIsImp3a3NfdXJpIjoiaHR0cHM6Ly9hZHIuZXhhbXBsZS5jb20vandrcyIsInJldm9jYXRpb25fdXJpIjoiaHR0cHM6Ly9hZHIuZXhhbXBsZS5jb20vcmV2b2NhdGlvbiIsInJlY2lwaWVudF9iYXNlX3VyaSI6Imh0dHBzOi8vYWRyLmV4YW1wbGUuY29tIiwic29mdHdhcmVfaWQiOiI3NDBDMzY4Ri1FQ0Y5LTREMjktQTJFQS0wNTE0QTY2QjBDREUiLCJzb2Z0d2FyZV9yb2xlcyI6ImRhdGEtcmVjaXBpZW50LXNvZnR3YXJlLXByb2R1Y3QiLCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIGJhbms6YWNjb3VudHMuYmFzaWM6cmVhZCBiYW5rOmFjY291bnRzLmRldGFpbDpyZWFkIGJhbms6dHJhbnNhY3Rpb25zOnJlYWQgYmFuazpwYXllZXM6cmVhZCBiYW5rOnJlZ3VsYXJfcGF5bWVudHM6cmVhZCBlbmVyZ3k6ZWxlY3RyaWNpdHkuc2VydmljZXBvaW50cy5iYXNpYzpyZWFkIGVuZXJneTplbGVjdHJpY2l0eS5zZXJ2aWNlcG9pbnRzLmRldGFpbDpyZWFkIGVuZXJneTplbGVjdHJpY2l0eS51c2FnZTpyZWFkIGVuZXJneTplbGVjdHJpY2l0eS5kZXI6cmVhZCBlbmVyZ3k6YWNjb3VudHMuYmFzaWM6cmVhZCBlbmVyZ3k6YWNjb3VudHMuZGV0YWlsOnJlYWQgZW5lcmd5OmFjY291bnRzLnBheW1lbnRzY2hlZHVsZTpyZWFkIGVuZXJneTphY2NvdW50cy5jb25jZXNzaW9uczpyZWFkIGVuZXJneTpiaWxsaW5nOnJlYWQgY29tbW9uOmN1c3RvbWVyLmJhc2ljOnJlYWQgY29tbW9uOmN1c3RvbWVyLmRldGFpbDpyZWFkIGNkcjpyZWdpc3RyYXRpb24ifQ.XTSst96xOifAnaMaBj0I5nO5vbtNwvz304hJ9I_jPOcdD6vitmLiyWdkdW5GKA4JAa62_DmRIU_3zXQL0gSSJxoWhCSbuIlfwDtXFpFZzQAnTv-hOul-5clYmXvQqqEqWvbZZ4g7IKdWdROp4fzWFXB0VKf-_qzue_Kksy3A9CwdZRmNMDFtIApkSULqxK3S8D2nFa3lvGzegl76Ji7p0Zjkyu8YexFyKCahTEGzQrRQeVILpaN107XHNlSWlhsv4hr1PXwG2Pn1z54SCG9tVOZ10WaqZ5SMjRqsQN-lVYSVe5BCTpQ-N_GnYuUeWh0rOJ9CrA8CUN_twCJXyW3I5w
 ```
 
 
@@ -70,22 +70,22 @@ Decoded SSA
   "jti": "3bc205a1ebc943fbb624b14fcb241196",
   "client_name": "Mock Software",
   "client_description": "A mock software product",
-  "client_uri": "https://www.mockcompany.com.au",
+  "client_uri": "https://adr.example.com",
   "legal_entity_id": "3B0B0A7B-3E7B-4A2C-9497-E357A71D07C7",
   "legal_entity_name": "Mock Company Pty Ltd.",
   "org_id": "3B0B0A7B-3E7B-4A2C-9497-E357A71D07C8",
   "org_name": "Mock Company Brand",
   "redirect_uris": [
-    "https://www.mockcompany.com.au/redirects/redirect1",
-    "https://www.mockcompany.com.au/redirects/redirect2"
+    "https://adr.example.com/redirects/redirect1",
+    "https://adr.example.com/redirects/redirect2"
   ],
-  "sector_identifier_uri": "https://www.mockcompany.com.au/sector_identifier.json",
-  "logo_uri": "https://www.mockcompany.com.au/logos/logo1.png",
-  "tos_uri": "https://www.mockcompany.com.au/tos.html",
-  "policy_uri": "https://www.mockcompany.com.au/policy.html",
-  "jwks_uri": "https://www.mockcompany.com.au/jwks",
-  "revocation_uri": "https://www.mockcompany.com.au/revocation",
-  "recipient_base_uri": "https://www.mockcompany.com.au",
+  "sector_identifier_uri": "https://adr.example.com/sector_identifier.json",
+  "logo_uri": "https://adr.example.com/logos/logo1.png",
+  "tos_uri": "https://adr.example.com/tos.html",
+  "policy_uri": "https://adr.example.com/policy.html",
+  "jwks_uri": "https://adr.example.com/jwks",
+  "revocation_uri": "https://adr.example.com/revocation",
+  "recipient_base_uri": "https://adr.example.com",
   "software_id": "740C368F-ECF9-4D29-A2EA-0514A66B0CDE",
   "software_roles": "data-recipient-software-product",
   "scope": "openid profile bank:accounts.basic:read bank:accounts.detail:read bank:transactions:read bank:payees:read bank:regular_payments:read energy:electricity.servicepoints.basic:read energy:electricity.servicepoints.detail:read energy:electricity.usage:read energy:electricity.der:read energy:accounts.basic:read energy:accounts.detail:read energy:accounts.paymentschedule:read energy:accounts.concessions:read energy:billing:read common:customer.basic:read common:customer.detail:read cdr:registration"
@@ -134,6 +134,7 @@ Get Software Statement Assertion API [v1](includes/obsolete/get-software-stateme
 
 ```
 HTTP/1.1 POST /register
+Host: mtls.dh.example.com
 Content-Type: application/jwt
 Accept: application/json
 
@@ -148,10 +149,10 @@ Accept: application/json
   "iat": 1571908322,
   "exp": 2148483456,
   "jti": "37747cd1c10545699f754adf28b73e31",
-  "aud": "https://secure.api.dataholder.com/issuer",
+  "aud": "https://mtls.dh.example.com/issuer",
   "redirect_uris": [
-    "https://www.mockcompany.com.au/redirects/redirect1",
-    "https://www.mockcompany.com.au/redirects/redirect2"
+    "https://adr.example.com/redirects/redirect1",
+    "https://adr.example.com/redirects/redirect2"
   ],
   "token_endpoint_auth_method": "private_key_jwt",
   "token_endpoint_auth_signing_alg": "PS256",
@@ -179,6 +180,7 @@ Accept: application/json
 
 ```
 HTTP/1.1 POST /register
+Host: mtls.dh.example.com
 Content-Type: application/jwt
 Accept: application/json
 
@@ -193,10 +195,10 @@ Accept: application/json
   "iat": 1571908322,
   "exp": 2148483456,
   "jti": "37747cd1c10545699f754adf28b73e31",
-  "aud": "https://secure.api.dataholder.com/issuer",
+  "aud": "https://mtls.dh.example.com/issuer",
   "redirect_uris": [
-    "https://www.mockcompany.com.au/redirects/redirect1",
-    "https://www.mockcompany.com.au/redirects/redirect2"
+    "https://adr.example.com/redirects/redirect1",
+    "https://adr.example.com/redirects/redirect2"
   ],
   "token_endpoint_auth_method": "private_key_jwt",
   "token_endpoint_auth_signing_alg": "PS256",
@@ -309,22 +311,22 @@ Content-Type: application/json
   "client_id_issued_at": 1574398833,
   "client_name": "Mock Software",
   "client_description": "A mock software product",
-  "client_uri": "https://www.mockcompany.com.au",
+  "client_uri": "https://adr.example.com",
   "legal_entity_id": "3B0B0A7B-3E7B-4A2C-9497-E357A71D07C7",
   "legal_entity_name": "Mock Company Pty Ltd.",
   "org_id": "3B0B0A7B-3E7B-4A2C-9497-E357A71D07C8",
   "org_name": "Mock Company Brand",
   "redirect_uris": [
-    "https://www.mockcompany.com.au/redirects/redirect1",
-    "https://www.mockcompany.com.au/redirects/redirect2"
+    "https://adr.example.com/redirects/redirect1",
+    "https://adr.example.com/redirects/redirect2"
   ],
-  "sector_identifier_uri": "https://www.mockcompany.com.au/sector_identifier.json",
-  "logo_uri": "https://www.mockcompany.com.au/logos/logo1.png",
-  "tos_uri": "https://www.mockcompany.com.au/tos.html",
-  "policy_uri": "https://www.mockcompany.com.au/policy.html",
-  "jwks_uri": "https://www.mockcompany.com.au/jwks",
-  "revocation_uri": "https://www.mockcompany.com.au/revocation",
-  "recipient_base_uri": "https://www.mockcompany.com.au",
+  "sector_identifier_uri": "https://adr.example.com/sector_identifier.json",
+  "logo_uri": "https://adr.example.com/logos/logo1.png",
+  "tos_uri": "https://adr.example.com/tos.html",
+  "policy_uri": "https://adr.example.com/policy.html",
+  "jwks_uri": "https://adr.example.com/jwks",
+  "revocation_uri": "https://adr.example.com/revocation",
+  "recipient_base_uri": "https://adr.example.com",
   "token_endpoint_auth_method": "private_key_jwt",
   "token_endpoint_auth_signing_alg": "PS256",
   "grant_types": [
@@ -361,22 +363,22 @@ Content-Type: application/json
   "client_id_issued_at": 1574398833,
   "client_name": "Mock Software",
   "client_description": "A mock software product",
-  "client_uri": "https://www.mockcompany.com.au",
+  "client_uri": "https://adr.example.com",
   "legal_entity_id": "3B0B0A7B-3E7B-4A2C-9497-E357A71D07C7",
   "legal_entity_name": "Mock Company Pty Ltd.",
   "org_id": "3B0B0A7B-3E7B-4A2C-9497-E357A71D07C8",
   "org_name": "Mock Company Brand",
   "redirect_uris": [
-    "https://www.mockcompany.com.au/redirects/redirect1",
-    "https://www.mockcompany.com.au/redirects/redirect2"
+    "https://adr.example.com/redirects/redirect1",
+    "https://adr.example.com/redirects/redirect2"
   ],
-  "sector_identifier_uri": "https://www.mockcompany.com.au/sector_identifier.json",
-  "logo_uri": "https://www.mockcompany.com.au/logos/logo1.png",
-  "tos_uri": "https://www.mockcompany.com.au/tos.html",
-  "policy_uri": "https://www.mockcompany.com.au/policy.html",
-  "jwks_uri": "https://www.mockcompany.com.au/jwks",
-  "revocation_uri": "https://www.mockcompany.com.au/revocation",
-  "recipient_base_uri": "https://www.mockcompany.com.au",
+  "sector_identifier_uri": "https://adr.example.com/sector_identifier.json",
+  "logo_uri": "https://adr.example.com/logos/logo1.png",
+  "tos_uri": "https://adr.example.com/tos.html",
+  "policy_uri": "https://adr.example.com/policy.html",
+  "jwks_uri": "https://adr.example.com/jwks",
+  "revocation_uri": "https://adr.example.com/revocation",
+  "recipient_base_uri": "https://adr.example.com",
   "token_endpoint_auth_method": "private_key_jwt",
   "token_endpoint_auth_signing_alg": "PS256",
   "grant_types": [
@@ -446,6 +448,7 @@ For those Registration errors which do not map to [Section 3.2.2](https://tools.
 
 ```
 HTTP/1.1 POST /token
+Host: mtls.dh.example.com
 Content-Type: application/x-www-form-urlencoded
 
 grant_type=client_credentials&
@@ -464,7 +467,7 @@ grant_type=client_credentials&
   "sub": "12345",
   "iat": 1516239022,
   "exp": 1516239322,
-  "aud": "https://www.holder.com.au/token",
+  "aud": "https://mtls.dh.example.com/token",
   "jti": "37747cd1-c105-4569-9f75-4adf28b73e31"
 }
 

diff --git a/slate/source/includes/security/_identifiers_and_subject_types.md b/slate/source/includes/security/_identifiers_and_subject_types.md
@@ -19,7 +19,7 @@ Identifier (UUID) **[[RFC4122]](#nref-RFC4122)**.
 
 ```
 POST /token HTTP/1.1
-Host: https://data.holder.com.au
+Host: https://mtls.dh.example.com
 Content-Type: application/x-www-form-urlencoded
 
 client_id=s6BhdRkqt3
@@ -46,7 +46,7 @@ client_id=s6BhdRkqt3
 
 ```
 {
-  "iss": "https://data.holder.com.au",
+  "iss": "https://mtls.dh.example.com",
   "sub": "a9ebbef6-1f0b-44eb-96cf-0c5b51b37ab2",
   "aud": "12345",
   "nonce": "n-0S6_WzA2Mj",
@@ -64,7 +64,7 @@ client_id=s6BhdRkqt3
 
 ```
 POST /token/introspect HTTP/1.1
-Host: https://data.holder.com.au
+Host: https://mtls.dh.example.com
 Content-Type: application/x-www-form-urlencoded
 
 client_id=s6BhdRkqt3

diff --git a/slate/source/includes/security/_request_object.md b/slate/source/includes/security/_request_object.md
@@ -8,10 +8,10 @@
 {
   "iss": "s6BhdRkqt3",
   "exp": 1516239322,
-  "aud": "https://www.recipient.com.au",
+  "aud": "https://adr.example.com",
   "response_type": "code id_token",
   "client_id": "s6BhdRkqt3",
-  "redirect_uri": "https://www.recipient.com.au/coolstuff",
+  "redirect_uri": "https://adr.example.com/redirects/redirect1",
   "scope": "openid profile bank:accounts.basic:read
             bank:accounts.detail:read",
   "nonce": "n-0S6_WzA2Mj",
@@ -42,11 +42,11 @@
   "iss": "s6BhdRkqt3",
   "exp": 1680832800,
   "nbf": 1680829200,
-  "aud": "https://www.recipient.com.au",
+  "aud": "https://adr.example.com",
   "response_type": "code",
   "response_mode": "jwt",
   "client_id": "s6BhdRkqt3",
-  "redirect_uri": "https://www.recipient.com.au/coolstuff",
+  "redirect_uri": "https://adr.example.com/redirects/redirect1",
   "scope": "openid profile bank:accounts.basic:read
             bank:accounts.detail:read",
   "nonce": "n-0S6_WzA2Mj",

diff --git a/slate/source/includes/security/_tokens.md b/slate/source/includes/security/_tokens.md
@@ -5,7 +5,7 @@
 
 ```
 {
-  "iss": "https://www.holder.com.au",
+  "iss": "https://mtls.dh.example.com",
   "sub": "a9ebbef6-1f0b-44eb-96cf-0c5b51b37ab2",
   "aud": "12345",
   "nonce": "n-0S6_WzA2Mj",