[Openid-specs-ab] May 25, 2012 OpenID Connect Update Release

Nat Sakimura sakimura at gmail.com
Tue Jun 5 16:50:40 UTC 2012


Agreed. We just could not come up with a better way.

My original proposal was to have another token type called UserInfo. That
was consistent but it did not get any traction at f2f.

On the hind sight, we could have created another token type like id_token+.
That would have been a bit  more consistent.

=nat via iPhone

On 2012/06/06, at 1:26, Brian Campbell <bcampbell at pingidentity.com> wrote:

I'm trying to understand why a scope was used to indicate the desire for
user info claims to be returned in the ID Token? It really seems like
something that should be isolated to a flag on the request (a new parameter
or something in the request object). It feels out of place as a scope and
will require ASs to have special conditional treatment of that one scope
value (which I'd like to avoid as I'd think most implementers would).


On Sat, May 26, 2012 at 12:13 AM, Mike Jones <Michael.Jones at microsoft.com>wrote:

>
>
>    - Added scope value claims_in_id_token as a switch to indicate that
>    the UserInfo claims should be returned in the ID Token, per issue #561
>
> _______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120606/15298220/attachment.html>


More information about the Openid-specs-ab mailing list