[Openid-specs-ab] Issue #905: Core - Example A.2 - Add full ID Token validation example (openid/connect)

Nat Sakimura issues-reply at bitbucket.org
Wed Nov 27 12:10:18 UTC 2013


New issue 905: Core - Example A.2 - Add full ID Token validation example
https://bitbucket.org/openid/connect/issue/905/core-example-a2-add-full-id-token

Nat Sakimura:

Current example only describes the payload. 

For developers, a full example explaining what to be expected in the JWS header and how they should be treated would be very useful. 

For example, see http://stackoverflow.com/questions/20159782/how-can-i-decode-a-google-oauth-2-0-jwt-in-a-node-app

IMHO, the header should also include the "kid" to indicate how to deal with "kid" and x5u or jku. 








More information about the Openid-specs-ab mailing list