[OpenID-Specs-eKYC-IDA] Issue #1150: Purpose in claims request should be limited to only contain allowed characters (openid/ekyc-ida)

rolandh issues-reply at bitbucket.org
Thu Jan 16 11:18:03 UTC 2020


New issue 1150: Purpose in claims request should be limited to only contain allowed characters
https://bitbucket.org/openid/ekyc-ida/issues/1150/purpose-in-claims-request-should-be

Roland  Hedberg:

In OIDC error\_description is limited to “Human-readable ASCII encoded text description of the error.”.

RFC6749 it’s even more restricted: “Values for the "error\_description" parameter MUST NOT include characters outside the set %x20-21 / %x23-5B / %x5D-7E.”

Something similar should be applied to **purpose** in claims requests as described in section 5.1 since it's expected to be shown to users.

‌




More information about the Openid-specs-ekyc-ida mailing list