[Openid-specs-ab] Submission: prompt=create draft spec

George Fletcher gffletch at aol.com
Fri Feb 1 17:00:25 UTC 2019


Ahh... good use case! I think allowing the OP to make the decision on 
whether it wants to either ignore the current authentication session or 
show an interstitial page makes sense.

Thanks,
George

On 1/31/19 11:21 PM, nov matake via Openid-specs-ab wrote:
> One more piece of feedback from one of my clients.
>
> The user could have an authenticated session with the IdP when 
> prompt=create is sent.
> In that case, can the IdP show a signup page with an “or continue as Nov” link?
> (I think it’s also up to IdP policy though.)
>
> nov
>
>> On Feb 1, 2019, at 12:43, nov matake <nov at matake.jp> wrote:
>>
>> The behavior could be the same, if the IdP can return a code after the signup flow 
>> in the same browser session.
>>
>> Plus, the prompt handling is up to the IdP’s policy.
>> Showing a login page w/o a signup link is also OK if it’s the IdP’s decision.
>> If the RP wants to refuse it, the RP would need a way to know the signup datetime 
>> in the userinfo response etc.
>>
>> Sent from my iPhone
>>
>> On Feb 1, 2019, at 12:15, Brock Allen <brockallen at gmail.com> wrote:
>>
>>> > So that, allowing "prompt=create login" seems meaningful to me.
>>>
>>> So then how's this different than the OP just letting the user click 
>>> on a "register" button from the login page? IOW, wouldn't "create" 
>>> be implied?
>>>
>>> BTW, it might sound like I'm against this new prompt param -- I'm 
>>> not. I am just trying to get it straight in my mind.
>>>
>>> -Brock
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab
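
The OP-side decision discussed in this thread (ignore the current session, or show the signup page with a "continue as" link), as an added sketch that is not part of any message above and not taken from the draft spec. The policy names, action strings, the invalid_request error code, the treatment of "create login" and the op.example URL are assumptions.

```python
from enum import Enum
from urllib.parse import urlsplit, parse_qs

# Constructed sample authorization request (hypothetical OP and client).
BASE = "https://op.example/authorize?client_id=rp1&response_type=code&scope=openid"


class CreatePolicy(Enum):
    """Hypothetical OP setting for prompt=create when a session already exists."""
    IGNORE_SESSION = "ignore_session"  # always show a plain signup page
    INTERSTITIAL = "interstitial"      # signup page plus "or continue as <user>"


def decide_prompt_action(auth_request_url, session_user, policy):
    """Return (action, detail); session_user is the logged-in user or None."""
    query = parse_qs(urlsplit(auth_request_url).query)
    # prompt is a space-delimited, case-sensitive list (OpenID Connect Core).
    prompts = set(query.get("prompt", [""])[0].split())

    # Core: "none" together with any other value is an error.
    # The specific error code used here is an assumption.
    if "none" in prompts and len(prompts) > 1:
        return ("error", "invalid_request")

    if "create" in prompts:
        # Assumption: "create login" asks for reauthentication, so the
        # existing session is not offered as a shortcut.
        offer_session = (
            session_user is not None
            and "login" not in prompts
            and policy is CreatePolicy.INTERSTITIAL
        )
        if offer_session:
            # The session is offered, never silently reused: no code is
            # issued for the existing account until the user clicks through.
            return ("show_signup_with_continue", session_user)
        # The new account must not inherit the old session's identity.
        return ("show_signup", None)

    if "none" in prompts:
        if session_user:
            return ("issue_code", session_user)
        return ("error", "login_required")
    if "login" in prompts or session_user is None:
        return ("show_login", None)
    return ("issue_code", session_user)
```
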
