[Openid-specs-ab] New Revision of SIOPv2
Torsten Lodderstedt
torsten at lodderstedt.net
Thu Jan 5 16:05:31 UTC 2023
Absolutely! Thanks!
> Am 05.01.2023 um 14:50 schrieb Brian Campbell <bcampbell at pingidentity.com>:
>
>
> On Sun, Jan 1, 2023 at 7:42 AM Torsten Lodderstedt via Openid-specs-ab <openid-specs-ab at lists.openid.net <mailto:openid-specs-ab at lists.openid.net>> wrote:
>
> The new revision makes SIOPv2 compatible with JAR, i.e. the authorization request MUST no longer contain all request parameters but only the client_id and the request/request_uri parameter.
>
> Should the example at https://openid.net/specs/openid-connect-self-issued-v2-1_0-12.html#section-5-5 <https://openid.net/specs/openid-connect-self-issued-v2-1_0-12.html#section-5-5> (that has nonce, scope, and response_type) be updated to reflect that?
>
>
> response_type=id_token
> &client_id=https%3A%2F%2Fclient.example.org <http://2fclient.example.org/>%2Fcb
> &request_uri=https%3A%2F%2Fclient.example.org <http://2fclient.example.org/>%2Frequest
> &scope=openid
> &nonce=n-0S6_WzA2Mj
>
> CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20230105/78b4bc25/attachment-0001.html>
More information about the Openid-specs-ab
mailing list