[Openid-specs-ab] Handling of Issuer ID

John Bradley ve7jtb at ve7jtb.com
Mon Jul 11 15:01:51 UTC 2011

If the RP doesn't know anything about the IdP then provider discovery is required to convert a user identifier to a Provider ID.

If you are setting up a RP doing only directed identity and know what the provider ID's are then you can just get the info from the well-known location.

Provider ID is host and Port.  

I am clarifying that the scheme must always be https in the next draft.

Provider ID will be a https url that MUST contain HOST and may contain PORT.  There is no path component allowed.

Allowing multiple schemes and describing it as a Java Script Origin is too complicated.

John B. 

On 2011-07-11, at 10:22 AM, Ryo Ito wrote:

> I think that Current Spec is lacking the conversion from Issuer ID to
> OAuth Endpoints.
> According to Section 3 of Discovery Spec, the RP obtains Issuer ID by
> Provider Discovery.
> When the RP doesn't know OAuth Endpoints, is "Configration Discovery" required?
> Does the request use only hostname of Issuer ID?
> Thanks.
> Ryo
> -- 
> ====================
> Ryo Ito
> Email : ritou.06 at gmail.com
> ====================
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs-ab

More information about the Openid-specs-ab mailing list