[Openid-specs-ab] client_credentials grant_type

Nat Sakimura sakimura at gmail.com
Tue Sep 18 01:28:34 UTC 2012


On 2012/09/18, at 0:46, John Bradley <ve7jtb at ve7jtb.com> wrote:

> I don't understand the question.
>
> In the BAE2 case the authentication is typically PIV or PIV-I.
> That triggers the RP to do a SAML attribute query using the FASC-N as the subject identifier.
>
> There is a philosophical question about enabling the retrieval of attributes without explicit user involvement.

That is a fairly common model. It is not always true that user wants
an explicit involvement either.
We should support this kind of model as well.

Nat


More information about the Openid-specs-ab mailing list