[Openid-specs-ab] What error should be returned when prompt=none used and the user is not logged in?

Breno de Medeiros breno at google.com
Thu Oct 3 00:43:29 UTC 2013


On Oct 2, 2013 12:30 PM, "Mike Jones" <Michael.Jones at microsoft.com> wrote:

>  If the user isn’t logged in, how can you issue an ID Token?
>

Sorry, I lost context, I thought the question was about prompt=login, but
it it about prompt=none.

Today Google's IDP returns 'error=immediate_failed". It should be possible
to return login_required instead.




> ****
>
> ** **
>
> *From:* Breno de Medeiros [mailto:breno at google.com]
> *Sent:* Wednesday, October 02, 2013 12:27 PM
> *To:* Mike Jones
> *Cc:* openid-specs-ab at lists.openid.net; Naveen Agarwal
> *Subject:* RE: What error should be returned when prompt=none used and
> the user is not logged in?****
>
> ** **
>
> There is no need for an error. We issue a regular assertion w/o a reauth
> clause.****
>
> On Oct 2, 2013 12:21 PM, "Mike Jones" <Michael.Jones at microsoft.com> wrote:
> ****
>
> What error do you return in this case?
>
> -----Original Message-----
> From: Breno de Medeiros [mailto:breno at google.com]
> Sent: Wednesday, October 02, 2013 12:16 PM
> To: Mike Jones
> Cc: Naveen Agarwal; openid-specs-ab at lists.openid.net
> Subject: Re: What error should be returned when prompt=none used and the
> user is not logged in?
>
> I am unaware of implementations of login_required.
>
> On Wed, Oct 2, 2013 at 12:00 PM, Mike Jones <Michael.Jones at microsoft.com>
> wrote:
> > Googlers, can you be sure to reply to this thread?
> >
> >
> >
> >
> > Thanks,
> >
> >                                                                 --
> > Mike
> >
> >
> >
> > From: openid-specs-ab-bounces at lists.openid.net
> > [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Mike
> > Jones
> > Sent: Wednesday, October 02, 2013 11:36 AM
> > To: openid-specs-ab at lists.openid.net
> > Subject: [Openid-specs-ab] What error should be returned when
> > prompt=none used and the user is not logged in?
> >
> >
> >
> > login_required?
> >
> >
> >
> > What are implementations in production use returning in this case?
> >
> >
> >
> >                                                                 --
> > Mike
> >
> >
>
>
>
> --
> --Breno****
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131002/ebf103ac/attachment.html>


More information about the Openid-specs-ab mailing list