[Openid-specs-ab] Issue #916: Session - 5.1.1 Consider registration of session_signout_uri parameter (openid/connect)

lainhart issues-reply at bitbucket.org
Tue Jan 21 18:27:14 UTC 2014


New issue 916: Session - 5.1.1 Consider registration of session_signout_uri parameter
https://bitbucket.org/openid/connect/issue/916/session-511-consider-registration-of

lainhart:

In addition to what is specified in the current draft of the Session spec, our implementation provides server-side session sign-out notifications.  If a client has registered a session sign-out URI with the OP, the OP will attempt to notify that client of any terminated sessions that the client is participating in, by calling that URI with an "id_token" query parameter whose value represents the session just ended.  There is no guarantee of service on this call.

I'm looking for feedback from the group on this approach.




More information about the Openid-specs-ab mailing list