[Openid-specs-ab] Issue #1111: Expected behaviour of OP when don't have a requested claim (openid/connect)
issues-reply at bitbucket.org
Wed Oct 2 15:36:33 UTC 2019
New issue 1111: Expected behaviour of OP when don't have a requested claim
In OpenID Connect in for example “Authentication using the Authorization Code Flow“ what is the expected behaviour of the OP when a RP make a request for claims that OP don't know/have about an user, should return an error? should return a empty id token? When talk about empty i mean a id token just with a sub and no additional customer claims.
More information about the Openid-specs-ab