[Openid-specs-ab] Refreshing ID Tokens

Nat Sakimura sakimura at gmail.com
Sun Jul 29 20:43:37 UTC 2012

Could you kindly elaborate the use case a bit more please?

The rationale for not having refresh token equivalent for id_token was
to make sure that the user is   in presence and bound to the session.
How do you envisage the same in the context of the app in your


On Mon, Jul 30, 2012 at 4:43 AM, Torsten Lodderstedt
<torsten at lodderstedt.net> wrote:
> Hi all,
> the standard spec only mentions refreshing access tokens. I'm wondering
> whether it is possible to refresh an ID Token based on a refresh token or
> whether this always require a request to the authorization endpoint. In my
> opinion, using offline refresh tokens for this purpose would be a valueable
> feature for apps.
> regards,
> Torsten.
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

Nat Sakimura (=nat)
Chairman, OpenID Foundation

More information about the Openid-specs-ab mailing list