[Openid-specs-ab] Issue #1215: SIOP requires user consent (openid/connect)
tomcjones
issues-reply at bitbucket.org
Tue Mar 23 14:32:38 UTC 2021
New issue 1215: SIOP requires user consent
https://bitbucket.org/openid/connect/issues/1215/siop-requires-user-consent
Tom Jones:
In OIDC consent was optional. I don’t believe that idea should apply to SIOP. Consent is always required. It might occur in different forms on \(or through\) the wallet. It might be buried in some user gesture, It might be remembered in some refresh token. But it is always required.
More information about the Openid-specs-ab
mailing list