[Openid-specs-ab] Request with prompt=login
Hasanthi Purnima Dissanayake
hasanthi at wso2.com
Wed Jul 20 06:29:10 UTC 2016
I am sending the prompt=login parameter with the authorization request when the
End-User is already authenticated. According to the spec, in this case
the Authorization Server MUST reauthenticate the End-User even if the
End-User is already authenticated. So the server prompts the login page
again and the user has to provide credentials again.
When we run the OIDC compliance test cases, I'm getting the following:
description: Verifies that multiple authentication was used in the flow
info: Not two separate authentications!
So what is the actual thing that the server is supposed to do with the prompt=login
parameter in the authorization request? Does the server need to log out the
user if there is an already authenticated session with the prompt=login
parameter? Otherwise, how can we avoid this multiple authentication error?
Any suggestion is highly appreciated.
Software Engineer | WSO2
E: hasanthi at wso2.com
M: 0718407133 | http://wso2.com
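
The prompt handling asked about above, sketched as an added example that is not part of the original post and is not code from WSO2 or the conformance suite. It assumes the OP exposes the new login through the ID Token `auth_time` claim and that the RP has already validated both tokens; `Session`, `decide`, `complete_login` and `reauthenticated` are hypothetical names.

```python
import time
from dataclasses import dataclass
from typing import Optional


@dataclass
class Session:
    """Hypothetical OP-side login session (constructed for this example)."""
    subject: str
    auth_time: int  # epoch seconds of the last interactive authentication


def parse_prompt(raw: Optional[str]) -> set:
    """Split the space-delimited prompt parameter; 'none' must stand alone."""
    values = set(raw.split()) if raw else set()
    if "none" in values and len(values) > 1:
        raise ValueError("prompt=none combined with other values")
    return values


def decide(prompt: Optional[str], session: Optional[Session]) -> str:
    """Return 'authenticate', 'reuse_session' or 'error:login_required'."""
    values = parse_prompt(prompt)
    if "none" in values:
        return "reuse_session" if session else "error:login_required"
    if "login" in values or session is None:
        # prompt=login: an existing session is not accepted as a fresh login.
        return "authenticate"
    return "reuse_session"


def complete_login(subject: str, now: Optional[int] = None) -> Session:
    """After credentials are verified, record a new auth_time for the ID Token."""
    return Session(subject, int(time.time() if now is None else now))


def reauthenticated(first_claims: dict, second_claims: dict) -> bool:
    """RP-side check on decoded ID Token claims: same subject, later auth_time."""
    return (first_claims["sub"] == second_claims["sub"]
            and second_claims["auth_time"] > first_claims["auth_time"])
```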