[Openid-specs-ab] user claims in id_token
Mike Jones
Michael.Jones at microsoft.com
Tue Aug 18 21:31:42 UTC 2015
Yes, this is valid as the value of a "claims" request parameter. Bear in mind that not all servers support this parameter, however, so your results will vary depending upon the server used.
-- Mike
From: Openid-specs-ab [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Preibisch, Sascha H
Sent: Tuesday, August 18, 2015 2:28 PM
To: openid-specs-ab at lists.openid.net Ab
Subject: [Openid-specs-ab] user claims in id_token
Hi!
I almost feel bad to ask because I should find the answer in the spec. But I did not find it.
Is it valid to request "userinfo" related claims to be in the id_token?
Can I sent a request object like shown below? I would like to avoid the call to the /userinfo endpoint.
Thanks, Sascha
{
"userinfo":
{
"given_name": {"essential": true},
"nickname": null,
"email": {"essential": true},
"email_verified": {"essential": true},
"picture": null,
"http://example.info/claims/groups": null
},
"id_token":
{
"given_name": {"essential": true},
"nickname": null,
"email": {"essential": true}
}
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20150818/3d0141ac/attachment.html>
More information about the Openid-specs-ab
mailing list