[Openid-specs-ab] Using ID token as JWT assertion grant

Thomas Broyer t.broyer at gmail.com
Mon Sep 28 12:03:22 UTC 2015

On Mon, Sep 28, 2015 at 1:16 PM Vladimir Dzhuvinov <vladimir at connect2id.com>

> Hello,
> Is anyone using ID tokens as a JWT assertion grant to obtain access
> tokens from an AS?

Google is at least using something very similar:

> How do you go about satisfying the requirement that the AS URL (or AS
> token endpoint URL) must be present in the ID token audience (aud)? (The
> ID token audience is typically set to the client app).

AIUI, the idea is that the JWT is generated *by* the client.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150928/b22755e5/attachment.html>

More information about the Openid-specs-ab mailing list