[Openid-specs-ab] Issue #998: subject_types_supported - should or must? (openid/connect)
Vladimir Dzhuvinov
issues-reply at bitbucket.org
Wed Aug 10 14:34:09 UTC 2016
New issue 998: subject_types_supported - should or must?
https://bitbucket.org/openid/connect/issues/998/subject_types_supported-should-or-must
Vladimir Dzhuvinov:
Today an OIDC developer (https://twitter.com/leleuj) informed me about a discrepancy in the OIDC spec regarding the **subject_types_supported** OP metadata parameter:
Core says
http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
> The OpenID Provider's Discovery document SHOULD list its supported Subject Identifier types in the subject_types_supported element.
Discovery however says that this parameters is required:
https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
> subject_types_supported
REQUIRED. JSON array containing a list of the Subject Identifier types that this OP supports. Valid types include pairwise and public.
More information about the Openid-specs-ab
mailing list