[Openid-specs-ab] Issue #1680: Federation error parameter operation is underspecified (openid/connect)
mbj
issues-reply at bitbucket.org
Fri Oct 14 00:45:32 UTC 2022
New issue 1680: Federation error parameter operation is underspecified
https://bitbucket.org/openid/connect/issues/1680/federation-error-parameter-operation-is
Michael Jones:
The generic error response at [https://openid.net/specs/openid-connect-federation-1\_0-23.html#name-generic-error-response](https://openid.net/specs/openid-connect-federation-1_0-23.html#name-generic-error-response) includes an `operation` parameter that is not present in OAuth errors. There’s one example in the spec where the `operation` value is `resolve` but no other values for other operations are specified.
We should do one of two things: delete the `operation` parameter, since the operation is already known in the context of the request that the error is in response to, or specify the `operation` values for all operations.
I’m in favor of simply deleting it - aligning with the OAuth error format.
This is related to [https://bitbucket.org/openid/connect/pull-requests/323](https://bitbucket.org/openid/connect/pull-requests/323).
More information about the Openid-specs-ab
mailing list