[Openid-specs-mobile-profile] Request : Query : regarding specs for identity platform list

Siva siva at bruhaspathi.co.uk
Sat Jan 2 23:27:31 UTC 2021

Dear All,
Happy New Year 2021. Hope everyone is safe and happy 😊.
Seeking your advice and help regarding specs:

I have collected the following profiles from the www.openid.net specifications page, from different working groups. This is related to the JSON-based OpenID Connect protocol, to design an identity platform of my own. Please suggest if I am missing any specifications related to OpenID Connect.
Thanks in advance for your support.

I am mainly looking for OpenID Connect / authorization server-based protocol specifications. Most of the docs I already know, but if I am missing any in-progress documents in the Bitbucket, it will help finalize my ideas.

Most of the use cases are related to login and approvals (finance, machine-to-machine approvals (where a user is a machine), 3rd-party approvals, user approvals in real time / time-bound, robot-to-robot approvals via intranet and internet wherever applicable).

I am also developing a different flavour based on SAML, which will be a separate topic; once the work is in progress, I will let you know.

Also, I request you to provide Bitbucket access to my email ID to participate in the ongoing specs; I am not receiving Bitbucket update emails in real time.

I will contact the FAPI and open-banking groups separately.

My name: Siva Boyalakuntla
E-mail: siva at bruhaspathi.co.uk

Below is the list of specs that I know as of today.

Best Regards,
/Siva Boyalakuntla

Specifications and Implementer’s Guides

Final Specifications

  *   OpenID Connect Core<https://openid.net/specs/openid-connect-core-1_0.html> – Defines the core OpenID Connect functionality: authentication built on top of OAuth 2.0 and the use of claims to communicate information about the End-User
  *   OpenID Connect Discovery<https://openid.net/specs/openid-connect-discovery-1_0.html> – (Optional) Defines how clients dynamically discover information about OpenID Providers
  *   OpenID Connect Dynamic Registration<https://openid.net/specs/openid-connect-registration-1_0.html> – (Optional) Defines how clients dynamically register with OpenID Providers
  *   OAuth 2.0 Multiple Response Types<https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html> – Defines several specific new OAuth 2.0 response types
  *   OAuth 2.0 Form Post Response Mode<https://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html> – (Optional) Defines how to return OAuth 2.0 Authorization Response parameters (including OpenID Connect Authentication Response parameters) using HTML form values that are auto-submitted by the User Agent using HTTP POST

Implementer’s Drafts

  *   Session Management<https://openid.net/specs/openid-connect-session-1_0.html> – (Optional) Defines how to manage OpenID Connect sessions, including postMessage-based logout and RP-initiated logout functionality
  *   Front-Channel Logout<https://openid.net/specs/openid-connect-frontchannel-1_0.html> – (Optional) Defines a front-channel logout mechanism that does not use an OP iframe on RP pages
  *   Back-Channel Logout<https://openid.net/specs/openid-connect-backchannel-1_0.html> – (Optional) Defines a logout mechanism that uses direct back-channel communication between the OP and RPs being logged out
  *   OpenID Connect Federation<https://openid.net/specs/openid-connect-federation-1_0.html> – (Optional) Defines how sets of OPs and RPs can establish trust by utilizing a Federation Operator
  *   OpenID Connect MODRNA Authentication Profile<http://openid.net/specs/openid-connect-modrna-authentication-1_0.html>
  *   OpenID Connect Account Porting<http://openid.net/specs/openid-connect-account-porting-1_0.html>
  *   OpenID Connect Client Initiated Backchannel Authentication Flow – Core<https://openid.net/specs/openid-client-initiated-backchannel-authentication-core-1_0.html> (replacing OpenID Connect Backchannel Authentication<http://openid.net/specs/openid-connect-modrna-client-initiated-backchannel-authentication-1_0.html>)
  *   OpenID Connect RP-Initiated Logout<https://openid.net/specs/openid-connect-rpinitiated-1_0.html> – (Optional) Defines how a Relying Party requests that an OpenID Provider log out the End-User
  *   Initiating User Registration via OpenID Connect<https://openid.net/specs/openid-connect-prompt-create-1_0.html> – (Optional) Defines the prompt=create authentication request parameter
  *   OpenID Connect Core Error Code unmet_authentication_requirements<https://openid.net/specs/openid-connect-unmet-authentication-requirements-1_0.html> – (Optional) Defines the unmet_authentication_requirements authentication response error code
  *   OpenID Connect Native SSO for Mobile Apps<https://openid.net/specs/openid-connect-native-sso-1_0.html> – (Optional) Enables native applications by the same vendor to share login information
  *   OpenID Connect Claims Aggregation<https://openid.net/specs/openid-connect-claims-aggregation-1_0.html> – (Optional) Enables RPs to request and Claims Providers to return aggregated claims
  *   OpenID Connect for Identity Assurance<https://openid.net/specs/openid-connect-4-identity-assurance-1_0.html> – (Optional) Defines an OpenID Connect extension for Identity Assurance
  *   OpenID Connect MODRNA Discovery Profile<https://openid.net/specs/openid-connect-modrna-discovery-1_0.html>
  *   OpenID Connect MODRNA Registration Profile<https://openid.net/wordpress-content/uploads/2014/04/draft-mobile-registration-01.html>
  *   MODRNA: Client Initiated Backchannel Authentication Profile<https://openid.net/specs/openid-connect-modrna-client-initiated-backchannel-authentication-profile-1_0.html> (replacing OpenID Connect Backchannel <http://openid.net/specs/openid-connect-modrna-client-initiated-backchannel-authentication-1_0.html>)

Implementer’s Guides

Two implementer’s guides are also available to serve as self-contained references for implementers of basic Web-based Relying Parties:

  *   Basic Client Implementer’s Guide<https://openid.net/specs/openid-connect-basic-1_0.html> – Simple subset of the Core functionality for a web-based Relying Party using the OAuth code flow
  *   Implicit Client Implementer’s Guide<https://openid.net/specs/openid-connect-implicit-1_0.html> – Simple subset of the Core functionality for a web-based Relying Party using the OAuth implicit flow
