[Openid-specs-ab] Pointing out that the UserInfo claims can be extended
Mike Jones
Michael.Jones at microsoft.com
Tue Mar 26 20:42:20 UTC 2013
Done
-----Original Message-----
From: nat [mailto:nat at sakimura.org]
Sent: Monday, March 25, 2013 10:17 PM
To: Mike Jones
Cc: openid-specs-ab at lists.openid.net
Subject: Re: Pointing out that the UserInfo claims can be extended
Yes, but it is very obscure.
I had inquiry from multiple sources in multiple countries about how to extend the userinfo claims.
This is the sign that we should clarify the text.
Perhaps adding something like this would help (in Messages)
2.5.4. Extended Claims
While this specification defines only small set of claims as standard claims, other claims MAY be used in conjunction with the standard claims.
When using such claims, it is RECOMMENDED to use a collision resistant names for claim names. If the claim is believed to have general applicability, then it is RECOMMENDED to be added to the IANA JSON Web Token claims registry.
Nat
On Tue, 26 Mar 2013 00:46:26 +0000, Mike Jones wrote:
> Hi Nat,
>
> On one of the calls you'd asked me to point out in the specs that the
> set of claims that can be returned from the UserInfo endpoint can be
> extended. I looked into doing that, and discovered that Messages,
> Basic, and Implicit already have this text about the UserInfo
> Response:
>
> The Claims defined in <xref target="StandardClaims"/>
> can be returned, as can additional Claims not specified there.
>
> So we're already saying that the claims can be extended.
>
> If that's not what you had in mind, could you provide alternative
> language that you were thinking of instead?
>
>
> Thanks,
> --
> Mike
More information about the Openid-specs-ab
mailing list