[Openid-specs-ab] SIOPv2 Use Case question
Torsten Lodderstedt
torsten at lodderstedt.net
Tue Apr 19 15:52:41 UTC 2022
> Am 19.04.2022 um 15:41 schrieb David Chadwick via Openid-specs-ab <openid-specs-ab at lists.openid.net>:
>
>
>
> On 19/04/2022 14:32, Torsten Lodderstedt via Openid-specs-ab wrote:
>>>> 4. What if self-asserted claims are sufficient but the SIOP wallet doesn't support the required requested claim in the authentication request?
>>>
>>> I don’t entirely understand this question, sorry.
>>
>> I assume it would ignore unknown claims, like any other OIDC OP.
> I don't think this will work. The RP is most likely to reject the user that does not have the required claims. The only way unknown claims can work is if they are contained in a disjunctive request in which the other option contains claims that are known e.g. send <RP's proprietary unknown claim> or <government ID>.
>
> So if the SIOP wallet does not support the required requested claim(s) the user should be told that connection is not possible until <unknown claim(s)> is(are) obtained.
>
>
That’s certainly an option. But the user might also decide to proceed and use other means (!= the wallet) to provide the RP with the requested data.
> Kind regards
>
> David
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220419/e28d0704/attachment.html>
More information about the Openid-specs-ab
mailing list