[Openid-specs-ab] [openid/connect] Messages 2.1.2 -- Add login_id hint to authorization request (issue #646)
Richer, Justin P.
jricher at mitre.org
Thu Aug 30 17:59:19 UTC 2012
I think we want to keep the sentiment but solidify the wording. How about:
OPTIONAL. A hint to the authorization service as to the login_id the user may use to authenticate. If an RP first asks the user for their email address (or other identifier), it MAY pass this string to the IdP using this parameter. It is RECOMMENDED that the hint value match the value used for discovery, including any normalization. The IdP's specific response to this parameter (such as pre-filling a username field on a login form or checking against a current user session at the IdP) is out of scope of this specification, and the IdP MAY ignore the value entirely.
On Aug 30, 2012, at 1:48 PM, Nat Sakimura wrote:
> Thanks George.
> I have added a comment to the ticket.
> After having thought a little bit, I have a problem with the last
> sentence "The use of this parameter is up to the IdP's discretion."
> On Thu, Aug 30, 2012 at 11:30 PM, gffletch <issues-reply at bitbucket.org> wrote:
>> --- you can reply above this line ---
>> New issue 646: Messages 2.1.2 -- Add login_id hint to authorization request
>> Add a hint from the RP to the IdP regarding the user's login id at the IdP.
>> OPTIONAL. A hint to the authorization service as to the login_id the user may use to authenticate (if necessary). This hint can be used by an RP if it first asks the user for their email address (or other identifier) and then wants to pass that value as a hint to the discovered authorization service. It is recommended that the hint value match the value used for discovery. The use of this parameter is up to the IdP's discretion.
>> This is an issue notification from bitbucket.org. You are receiving
>> this either because you are the owner of the issue, or you are
>> following the issue.
> Nat Sakimura (=nat)
> Chairman, OpenID Foundation
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
More information about the Openid-specs-ab