[Openid-specs-ab] OpenID query - Hybrid Flow Authentication

Nughmman Butt nughmman.butt at gmail.com
Thu Mar 7 12:49:56 UTC 2019


I am going through the following website:


My query relates to the Hybrid Flow Authentication.

*Section Successful Authentication Response states:*

Authorization Code. This is always returned when using the Hybrid Flow."

*section Authentication Response Validation, clause 5 states:*

"Follow the Authorization Code validation rules in Section when
the response_type value used is *code id_token* or *code id_token token*."

Shouldn't clause 5 mention all 3 hybrid flow response types i.e
code id_token, code id_token token *AND CODE TOKEN*?

Please advise.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20190307/71b4bfeb/attachment.html>

More information about the Openid-specs-ab mailing list