[Openid-specs-ab] Issue #1491: Do we want to communicate details of why a back-channel logout failed? (openid/connect)
mbj
issues-reply at bitbucket.org
Thu May 5 10:06:36 UTC 2022
New issue 1491: Do we want to communicate details of why a back-channel logout failed?
https://bitbucket.org/openid/connect/issues/1491/do-we-want-to-communicate-details-of-why-a
Michael Jones:
We used to distinguish between causes for back-channel logout failures by using 5xx HTTP error codes. There was consensus not to do so. PR #169 eliminated the use of 5xx error codes to make these distinctions.
Some have suggested adding “error” and “error\_description” response body parameters to communicate these reasons. Are people in favor of this or is the spec fine as-is?
Responsible: Michael Jones
More information about the Openid-specs-ab
mailing list