[Openid-specs-ab] Issue #870: Standard 3.2.1. Refresh Token Response - return of id_token prohibited, conflicts with Messages 2.2.3 (openid/connect)

Vladimir Dzhuvinov issues-reply at bitbucket.org
Mon Sep 2 05:34:41 UTC 2013


New issue 870: Standard 3.2.1.  Refresh Token Response - return of id_token prohibited, conflicts with Messages 2.2.3
https://bitbucket.org/openid/connect/issue/870/standard-321-refresh-token-response-return

Vladimir Dzhuvinov:

Hi guys,

Just noticed a conflict between the **Standard 3.2.1. Refresh Token Response** and **2.2.3.  Access Token Response** specs - the former prohibits returning an ID token on token refresh while the latter allows it.

If I remember correctly the issue of returning an ID token on token refresh was settled in https://bitbucket.org/openid/connect/issue/787/messages-223-id_token-must-not-be-returned






More information about the Openid-specs-ab mailing list