[Openid-specs-ab] UserInfo endpoint -- FB's suggestion

Breno de Medeiros breno at google.com
Thu Jun 2 21:53:55 UTC 2011 

An initial remark to get this started:

The specific format of request/response is less important than
ensuring wide adoption and interop for what are very simple (but
valuable) attribute types.

Points of agreement in the proposals are more significant than the
points of disagreement:

- OAuth2 protected resource as the interaction pattern with the endpoint
- attribute set (any differences are covered by the language that says
IDPs are not required to provide all attributes)
- how to request specific attributes
- JSON representation

Disagreement:

- Parameter names
- Parameter values in the IIW proposal can be different than string

On Thu, Jun 2, 2011 at 14:45, Edmund Jay <ejay at mgi1.com> wrote:
>
> Sorry, I forgot to attach the draft.
>
> -- Edmund
>
> ________________________________
> From: "ejspm-openidab at yahoo.com" <ejspm-openidab at yahoo.com>
> To: Breno de Medeiros <breno at google.com>; "openid-specs-ab at lists.openid.net"
> <openid-specs-ab at lists.openid.net>
> Cc: David Recordon <dr at fb.com>
> Sent: Thu, June 2, 2011 2:34:15 PM
> Subject: Re: [Openid-specs-ab] UserInfo endpoint -- FB's suggestion
>
> Hi,
>
> I'm attaching a draft of the Userinfo endpoint schema that a couple of us
> worked on which reflects the consensus that was reached at IIW 2011.
>
> -- Edmund
>
>
> ________________________________
> From: Breno de Medeiros <breno at google.com>
> To: "openid-specs-ab at lists.openid.net" <openid-specs-ab at lists.openid.net>
> Cc: David Recordon <dr at fb.com>
> Sent: Thu, June 2, 2011 1:32:44 PM
> Subject: [Openid-specs-ab] UserInfo endpoint -- FB's suggestion
>
> Some Googlers went on a trek to Facebook HQ to talk about UserInfo
> endpoint schema. That's the counter-proposal that FB put forward for
> the UserInfo endpoint (FBers, please scream if I mis-represent).
>
> id - global user id
> name (name in a displayable form including all name parts in the order
> compatible with user's locale and preferences).
> given_name
> family_name
> profile - URL of profile
> picture - URL of picture
> email
> gender
> birthday (I think in yyyy-mm-dd format?)
> locale (xx-XX ??)
> verified (boolean indicating verification status of email)
>
> --
> --Breno
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
>



-- 
--Breno

More information about the Openid-specs-ab mailing list