[Openid-specs-ab] Issue #1407: "Self-Issued OP Request" may deserve a definition (openid/connect)
Nat
issues-reply at bitbucket.org
Fri Jan 21 07:19:14 UTC 2022
New issue 1407: "Self-Issued OP Request" may deserve a definition
https://bitbucket.org/openid/connect/issues/1407/self-issued-op-request-may-deserve-a
Nat Sakimura:
The term “Self-Issued OP Request” appears 13 times in this document. However, it is not formally defined and only described at the beginning of Clause 5.
> OpenID Connect Authentication Request that results in an End-User providing an ID Token to the Relying Party through the Self-Issued OP
I am not even sure if this description is correct. For example, if the user denial or other things resulting an error, would that request now become something else than Self-Issued OP Request? Probably not.
It probably would be better to introduce it as a defined term. A bit of generalization would help to make it consistent.
Proposal:
Introduce the following as a defined term.
**Self-Issued OP Request**
OpenID Connect Authentication Request to a Self-Issued OP
Change the beginning of Clause 5 as follows:
Self-Issued OP Request results in the provision of ID Token to the requesting Relying Party when End-User authentication succeeds and the End-User provides necessary grant.
More information about the Openid-specs-ab
mailing list