[Openid-specs-ab] amr: strings versus objects
Vladimir Dzhuvinov
vladimir at connect2id.com
Thu Jul 28 14:32:06 UTC 2016
Mike, you should probably speak up to the OAuth WG list, the AMR spec is
being crafted there.
As for making the AMR values JSON objects, this will make their use
harder for people who don't need this extra functionality.
But if you do need that, you could send along a secondary AMR context
claim, that references the AMR values:
"amr":["mfa", "pwd", "otp"],
"amr_context":{"mfa":{ context }, "pwd":{ context }...}
Vladimir
On 27/07/16 17:52, Mike Schwartz via Openid-specs-ab wrote:
> OpenID Connect-heads:
>
> amr is defined as a "JSON array of strings"
>
> This seems somewhat limiting... wouldn't it be better as a JSON array
> of objects? That would enable us to convey more context about these
> particular strings...
>
> If the spec says "The definition of particular values to be used in
> the amr Claim is beyond the scope of this specification", why are you
> specifying the type of the values?
>
> - Mike
>
>
> -------------------------------------
> Michael Schwartz
> Gluu
> http://gluu.org
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3711 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20160728/d06f3538/attachment.p7s>
More information about the Openid-specs-ab
mailing list