[Openid-specs-ab] [External Sender] Re: IDP Hint for /authorization requests
David Waite
david at alkaline-solutions.com
Wed Aug 3 18:57:21 UTC 2022
So this isn’t a hint for a RP/client to know which OP/AS to use, but for an RP/client to tell an OP/AS which upstream OP/AS to use?
Would it make sense to represent as an AMR?
-DW
> On Aug 2, 2022, at 4:52 PM, Vittorio Bertocci <vittorio.bertocci at okta.com> wrote:
>
> Well, there’s no guarantee that the IdP is connected to the OP/AS via OIDC- in fact protocol transition is super common. The actual IdP might have no notion of issuer.
>
> On Tue, Aug 2, 2022 at 15:50 David Waite <david at alkaline-solutions.com <mailto:david at alkaline-solutions.com>> wrote:
>>
>> This message originated outside your organization.
>>
>>
>> But wouldn’t it usually be the issuer?
>>
>> Sent from my iPhone
>>
>> > On Aug 2, 2022, at 9:50 AM, George Fletcher via Openid-specs-ab <openid-specs-ab at lists.openid.net <mailto:openid-specs-ab at lists.openid.net>> wrote:
>> >
>> >
>> > All very relevant points. I was looking at it more as idp_hint=<string> where <string> is defined by the specific OP and explicitly left out of scope of the spec. All it does is standardize the name of the parameter and let each implementation define its own syntax.
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220803/a5555763/attachment.html>
More information about the Openid-specs-ab
mailing list