[Openid-specs-ab] Connect Flows and Userinfo Endpoint
David Recordon
dr at fb.com
Fri Jan 7 07:43:15 UTC 2011
I see two cases which may not work here:
1. you're requesting public data in which case just a userid is required and no access token or JWT
2. you got the access token via a non-OpenID OAuth 2.0 flow. I can imagine a PoCo endpoint doubling as the OpenID user info API.
On 1/6/11 11:40 PM, "Nat Sakimura" <sakimura at gmail.com<mailto:sakimura at gmail.com>> wrote:
Hi guys.
Do you have objection to passing the entire JWT ("signed") instead of access_token and user_id extracted to the UserInfo endpoint?
That seems to be a lot simpler.
=nat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20110107/1570f425/attachment.html>
More information about the Openid-specs-ab
mailing list