[Openid-specs-ab] client_credentials grant_type
Nat Sakimura
sakimura at gmail.com
Tue Sep 18 01:28:34 UTC 2012
On 2012/09/18, at 0:46, John Bradley <ve7jtb at ve7jtb.com> wrote:
> I don't understand the question.
>
> In the BAE2 case the authentication is typically PIV or PIV-I.
> That triggers the RP to do a SAML attribute query using the FASC-N as the subject identifier.
>
> There is a philosophical question about enabling the retrieval of attributes without explicit user involvement.
That is a fairly common model. It is not always true that user wants
an explicit involvement either.
We should support this kind of model as well.
Nat
More information about the Openid-specs-ab
mailing list