[Openid-specs-fapi] JWT Secured Authorization Response Mode (#155)

Brian Campbell bcampbell at pingidentity.com
Wed Aug 15 12:41:31 UTC 2018


As a Response Mode, I had envisioned that all the authorization response
parameters would be passed as claims of the JWT. And would be applicable to
any response types. Something like that would more closely mirror OAuth
JAR. And be a more generally applicable response mode.

What is in this draft is more of a specialized treatment of the code
response parameter (also state). If that's the extent of the functionality,
it's probably more appropriate to be defined as a new response type (I know
I suggested response mode but that was with the thinking that it'd be a
generalized mode for encoding all the response params). Or, if response
mode is used to signal this functionality, the mode value (and spec title)
should probably be more true to what it is actually doing. Like
response_mode=code_in_jwt_with_state_as_s_hash_and_other_stuff_undefined or
just response_mode=jwt_code.



On Thu, Aug 9, 2018 at 10:03 AM Torsten Lodderstedt via Openid-specs-fapi <
openid-specs-fapi at lists.openid.net> wrote:

> Hi all,
>
> please find attached the first version of the draft on the new signed
> response mode (
> https://bitbucket.org/openid/fapi/issues/155/support-authorization-and-identity).
> As this draft mirrors OAuth JAR (as already pointed out by Nat), I chose
> the name accordingly.
>
> Looking forward to your feedback.
>
> kind regards,
> Torsten.
