[Openid-specs-ab] How to use OIDC claims as an identity oracle
Prateek Mishra
Prateek.Mishra at oracle.com
Tue Nov 8 16:19:00 UTC 2016
George,
Have you considered using SCIM for these more advanced queries? SCIM includes a query language (age above 18) and also schema for attributes that lie outside the standard.
Phil recently a published a draft explaining how a OIDC client could also act as a SCIM client within the OIDC framework.
http://openid.net/specs/openid-connect-scim-profile-1_0.html <http://openid.net/specs/openid-connect-scim-profile-1_0.html>
- prateek
> On Nov 4, 2016, at 12:32 PM, George Fletcher via Openid-specs-ab <openid-specs-ab at lists.openid.net> wrote:
>
> Hi,
>
> As a relying party, I'd love to be able to ask the OpenID Provider whether the user authenticating is over a particular age. This could be used in may use cases. However, when I look at the spec, there is only a provided claim name of 'birthdate'. I don't really want the user's birth date, just an assertion that the user is over a particular age.
>
> I don't see a way to do this via the OIDC claim mechanism. Any thoughts on how a RP may make such a request?
>
> Thanks,
> George
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20161108/2bb0a694/attachment.html>
More information about the Openid-specs-ab
mailing list