[Openid-specs-ab] Handling of Issuer ID
ve7jtb at ve7jtb.com
Mon Jul 11 15:01:51 UTC 2011
If the RP doesn't know anything about the IdP then provider discovery is required to convert a user identifier to a Provider ID.
If you are setting up a RP doing only directed identity and know what the provider ID's are then you can just get the info from the well-known location.
Provider ID is host and Port.
I am clarifying that the scheme must always be https in the next draft.
Provider ID will be a https url that MUST contain HOST and may contain PORT. There is no path component allowed.
Allowing multiple schemes and describing it as a Java Script Origin is too complicated.
On 2011-07-11, at 10:22 AM, Ryo Ito wrote:
> I think that Current Spec is lacking the conversion from Issuer ID to
> OAuth Endpoints.
> According to Section 3 of Discovery Spec, the RP obtains Issuer ID by
> Provider Discovery.
> When the RP doesn't know OAuth Endpoints, is "Configration Discovery" required?
> Does the request use only hostname of Issuer ID?
> Ryo Ito
> Email : ritou.06 at gmail.com
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
More information about the Openid-specs-ab