[Openid-specs-ab] Issue #961: In example, 200 OK response should be 302 Found (openid/connect)
James Manger
issues-reply at bitbucket.org
Mon Nov 3 00:46:31 UTC 2014
New issue 961: In example, 200 OK response should be 302 Found
https://bitbucket.org/openid/connect/issue/961/in-example-200-ok-response-should-be-302
James Manger:
The example authentication response in section 2 should be a redirect (eg 302) to the RP’s URI, particularly as there is an associated Location HTTP header.
Change:
HTTP /1.1 200 OK
Location: https://client.example.com/cb#
id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IktleTAwMSJ9.ew0KIC
To: HTTP /1.1 302 Found
Location: https://client.example.com/cb#
id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IktleTAwMSJ9.ew0KIC
More information about the Openid-specs-ab
mailing list