[Openid-specs-ab] user_id and domain
Breno de Medeiros
breno at google.com
Fri Aug 5 16:02:00 UTC 2011
On Thu, Aug 4, 2011 at 19:17, Nat Sakimura <sakimura at gmail.com> wrote:
> In the current Lite draft, there is no issuer nor domain in the UserInfo
I believe the issuer is in the token introspection endpoint, which is
necessary for sign-on as currently written.
Should userinfo endpoint be a superset of tokeninfo?
> That is what I was asking about.
> Also, in the current http-redirect draft, in the example, I found user_id
> and domain in the token response.
> This was another question. Is that just a typo or something?
> On Fri, Aug 5, 2011 at 11:12 AM, John Bradley <ve7jtb at ve7jtb.com> wrote:
>> The domain is the issuer in the id_token. I am not following the
>> There should be no difference between lite and full in that respect.
>> On 2011-08-04, at 10:02 PM, Nat Sakimura wrote:
>> I suppose even in Lite spec, the UserInfo has to return domain in addition
>> to user_id.
>> In the Standard spec, do we want to return user_id and domain as part of
>> the token endpoint response as well?
>> Nat Sakimura (=nat)
>> Chairman, OpenID Foundation
>> Openid-specs-ab mailing list
>> Openid-specs-ab at lists.openid.net
> Nat Sakimura (=nat)
> Chairman, OpenID Foundation
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
More information about the Openid-specs-ab