[Openid-specs-ab] OpenID Connect and virtual organizations

Roland Hedberg roland.hedberg at adm.umu.se
Fri Aug 17 13:51:22 UTC 2012


Hi Nat,

Nat Sakimura skrev 2012-08-17 11:35:
> 
> One of the challenge is that IdP may not know about the AA and the
> access token is opaque.

I would say that the common case is that the IdP doesn't know about the AA.
And yes, if the access token had a common format that would make life
easier. Specially if the format was such that the information could be
individually verified.

> Maybe something like this would solve your problem?

Possibly, have to do a test set up.

Nice picture by they way, have to try to draw one myself.

-- Roland



More information about the Openid-specs-ab mailing list