[Openid-specs-ab] Issue #1643: Define error codes for the Credential Issuance Endpoint (openid/connect)
Thomas Bellebaum
issues-reply at bitbucket.org
Wed Sep 21 12:05:30 UTC 2022
New issue 1643: Define error codes for the Credential Issuance Endpoint
https://bitbucket.org/openid/connect/issues/1643/define-error-codes-for-the-credential
Thomas Bellebaum:
The credential issuance endpoint has an error return body which is not thoroughly defined. Most importantly, the non-normative example in that section seems to suggest that the response should contain an “error” key, whose values are never explicitly defined.
This is in contrast to e.g. OAuth, which has an IANA registry for exactly this purpose, but more importantly, we need this defined here especially to support requesting a c\_nonce, since the error code seems to be the issuer’s way of communicating to the client that it wishes to have a nonce used in the `proof`, and that it may try again using the given nonce.
More information about the Openid-specs-ab
mailing list