[Openid-specs-ab] New Revision of SIOPv2
Brian Campbell
bcampbell at pingidentity.com
Thu Jan 5 13:50:20 UTC 2023
On Sun, Jan 1, 2023 at 7:42 AM Torsten Lodderstedt via Openid-specs-ab <
openid-specs-ab at lists.openid.net> wrote:
>
> The new revision makes SIOPv2 compatible with JAR, i.e. the authorization
> request MUST no longer contain all request parameters but only the
> client_id and the request/request_uri parameter.
>
Should the example at
https://openid.net/specs/openid-connect-self-issued-v2-1_0-12.html#section-5-5
(that has nonce, scope, and response_type) be updated to reflect that?
response_type=id_token
&client_id=https%3A%2F%2Fclient.example.org%2Fcb
&request_uri=https%3A%2F%2Fclient.example.org%2Frequest
&scope=openid
&nonce=n-0S6_WzA2Mj
--
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
material for the sole use of the intended recipient(s). Any review, use,
distribution or disclosure by others is strictly prohibited. If you have
received this communication in error, please notify the sender immediately
by e-mail and delete the message and any file attachments from your
computer. Thank you._
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230105/410869ea/attachment.html>
More information about the Openid-specs-ab
mailing list