[Openid-specs-mobile-profile] [E] CIBA - Backchannel Authentication Endpoint and OIDC request object endpoint
Bjorn.Hjelm at VerizonWireless.com
Fri May 12 05:53:03 UTC 2017
I don't see a reason why we wouldn't address this in MODRNA WG but I'll let John and authors of the CIBA specification share their view as well.
On May 12, 2017, at 7:41 AM, Nat Sakimura <n-sakimura at nri.co.jp<mailto:n-sakimura at nri.co.jp>> wrote:
OIDC core defines request_uri. It does not define a particular way of setting up the endpoint that receives request object but just says that it needs to save the request object.
CIBA's Backchannel Authentication Endpoint is very close to it except that it is not accepting the signed JWS.
FAPI Part 2 defined an endpoint at the AS that saves the request object.
I and John were talking of propagating it to OAuth JAR as well.
I kind of feel that these can be harmonized. Is there any appetite to do so in Modrna WG?
PLEASE READ :This e-mail is confidential and intended for the
named recipient only. If you are not an intended recipient,
please notify the sender and delete this e-mail.
Openid-specs-mobile-profile mailing list
Openid-specs-mobile-profile at lists.openid.net<mailto:Openid-specs-mobile-profile at lists.openid.net>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-mobile-profile