[Openid-specs-ab] Possible state parameter for RP-initiated logout

John Bradley ve7jtb at ve7jtb.com
Wed Jul 2 14:20:37 UTC 2014


PS I do agree that the logout call should have a Client generated state parameter that is opaque to the IdP and returned in the response.

However that is not the state Mike was asking about as I understood the question.

On Jul 1, 2014, at 8:35 AM, Thomas Broyer <t.broyer at gmail.com> wrote:

> That makes sense. Particularly given that all post_logout_redirect_uri should be pre-registered and are compared byte-for-byte, leaving no place to, e.g., add query-string arguments to customize the behavior upon redirection. So yes, there should be a 'state' parameter.
> 
> I'm going to add it to our implementation ASAP.
> 
> 
> On Tue, Jul 1, 2014 at 2:31 AM, Mike Jones <Michael.Jones at microsoft.com> wrote:
> Some Microsoft product people have requested an optional “state” parameter for RP-initiated logout requests.  Like the OAuth “state” parameter this would be passed to the end_session_endpoint as an optional query parameter, and if present, would be passed back with the same value to the post_logout_redirect_uri endpoint.
> 
>  
> 
> What do people think of this proposal?
> 
>  
> 
> RP-initiated logout is defined at http://openid.net/specs/openid-connect-session-1_0.html#RPLogout.
> 
>  
> 
>                                                                 -- Mike
> 
>  
> 
> 
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
> 
> 
> 
> 
> -- 
> Thomas Broyer
> /tɔ.ma.bʁwa.je/
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140702/219f44bc/attachment-0001.html>


More information about the Openid-specs-ab mailing list