[Openid-specs-ab] Issue #1381: User with multiple devices (openid/connect)
David Chadwick
issues-reply at bitbucket.org
Fri Dec 17 11:22:51 UTC 2021
New issue 1381: User with multiple devices
https://bitbucket.org/openid/connect/issues/1381/user-with-multiple-devices
David Chadwick:
In OIDC it does not matter which device or browser the user uses, since the RP always redirects the user to the same OP, which always returns the same sub identifier. But with SIOP, the sub identifier is \(the hash of\) the public key of the user created by the SIOP on the device. So if a user has multiple devices they will have multiple key pairs, and therefore multiple sub identifiers. Can someone please explain how the user can authenticate with the same identifier from different devices using SIOP.
More information about the Openid-specs-ab
mailing list