[Openid-specs-ab] Updates to the UserInfo Endpoint spec

George Fletcher gffletch at aol.com
Sat Jul 2 00:21:53 UTC 2011


Hi John,

I'm fine with the discovery spec defining the endpoints.. I was thinking 
specifically of something like /userinfo, like the OAuth2 spec defines 
/authorize and /token path portions of the endpoint. Do we want that 
part variable on an implementation by implementation basis?

Thanks,
George

On 7/1/11 6:39 PM, John Bradley wrote:
> I think it is better to leave the path to the IdP.   The discovery 
> document for the IdP will list the endpoint URL.
>
> I would not assume that the host is necessarily the same as the token 
> or other endpoints.
>
> John B.
> On 2011-07-01, at 6:28 PM, George Fletcher wrote:
>
>> Hi,
>>
>> I updated the text regarding the UserInfo request to say that it is 
>> an OAuth2 protected resource supporting the Bearer Token spec. I also 
>> changed the SHOULD to a MUST in the response text requiring the JSON 
>> object to compile with the specified schema if the schema parameter 
>> requests "openid". Also did some clean ups in the referenced specs 
>> information.
>>
>> One thing I just noticed is that we don't specify the path of the 
>> UserInfo endpoint. Do we want to do so?
>>
>> Thanks,
>> George
>> <openid-connect-userinfo-1_0.html>_______________________________________________
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net 
>> <mailto:Openid-specs-ab at lists.openid.net>
>> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>

-- 
Chief Architect                   AIM:  gffletch
Identity Services Engineering     Work: george.fletcher at teamaol.com
AOL Inc.                          Home: gffletch at aol.com
Mobile: +1-703-462-3494           Blog: http://practicalid.blogspot.com
Office: +1-703-265-2544           Twitter: http://twitter.com/gffletch

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110701/5d43d5d1/attachment.html>


More information about the Openid-specs-ab mailing list