[Openid-specs-ab] Issue #1448: [siop] Definition of the same-device and cross-device flows (openid/connect)
Kristina Yasuda
issues-reply at bitbucket.org
Mon Feb 28 22:54:26 UTC 2022
New issue 1448: [siop] Definition of the same-device and cross-device flows
https://bitbucket.org/openid/connect/issues/1448/siop-definition-of-the-same-device-and
Kristina Yasuda:
There is a model that falls out of definitions of both same-device and cross-device flows in SIOP v2 specification. It’s when the flow starts and ends on one device, but the response_mode used is the same as if separate devices are involved. A table below might help:

| | **Request** | **Response** |
| --- | --- | --- |
| original cross-device model | QR code | HTTP POST request |
| original same-device model | deep-link | redirect |
| <<How to call this?>> | deep-link | HTTP POST request |

Below is the current definition of the same-device and cross-device flows in SIOP v2 specification.

> Same-Device Self-Issued OP model: Self-Issued OP is on the same device on which the End-User's user interactions are occurring. The RP might be a Web site on a different machine and still use the same-device Self-Issued OP protocol flow for authentication.
>
> Cross-device Self-Issued OP model: Self-Issued OP is on a different device than the one on which the End-User's user interactions are occurring

We could modify the definition or we could add a note to accommodate a third model…