[Openid-specs-ab] Issue #1263: Other client id values then redirect URI (openid/connect)

tlodderstedt issues-reply at bitbucket.org
Wed Jul 7 17:01:45 UTC 2021

New issue 1263: Other client id values then redirect URI

Torsten Lodderstedt:

Have there been discussions before to utilize other values than the redirect uri as client for SIOP RP?

Redirect URI are not the most stable data on earth and loosing the client id means loosing the connection between the RP and the respective key pair used to authenticate with the RP. 

I think public keys, DIDs or OIDC federation could be more advanced options.

More information about the Openid-specs-ab mailing list