[Openid-specs-ab] Issue #898: New Core - 1.2 Terminology - Authentication Request, Authorization Request (openid/connect)

Mike Jones Michael.Jones at microsoft.com
Tue Nov 5 09:10:34 UTC 2013


I'm fine with adding the "Authorization Request" definition.  As for the Authentication Request definition, I have some quibbles with Nat's proposed language, because I find it to be less clear and somewhat circular.  Saying "to obtain the Authentication Result" doesn't add anything, and in fact, would just cause us to have to define "Authentication Result" as well.

How about something closer to this?

**Authentication Request**
An OAuth 2.0 Authorization Request using extension parameters and scopes defined by OpenID Connect to request that the End-User be authenticated by the Authorization Server, which is an OpenID Connect Provider.

				-- Mike

-----Original Message-----
From: openid-specs-ab-bounces at lists.openid.net [mailto:openid-specs-ab-bounces at lists.openid.net] On Behalf Of Nat Sakimura
Sent: Monday, November 04, 2013 11:13 PM
To: openid-specs-ab at lists.openid.net
Subject: [Openid-specs-ab] Issue #898: New Core - 1.2 Terminology - Authentication Request, Authorization Request (openid/connect)

New issue 898: New Core - 1.2 Terminology - Authentication Request, Authorization Request https://bitbucket.org/openid/connect/issue/898/new-core-12-terminology-authentication

Nat Sakimura:

Capturing Breno's request on Nov. 4 that says: "I think we should have an explicit entry to Authorization Request that says: "An OAuth2 Authorization Request as defined in RFC 6749"
And then "Authentication Request" --> With a language more similar to the one proposed by Nat in this thread."

**Currently**: 

**Authentication Request**
An OAuth 2.0 Authorization Request that requests that the End-User be authenticated by the Authorization Server.

**Proposed**: 

**Authentication Request**
Authorization Request used to obtain the Authentication Result through the use of OpenID Connect extension parameters and profiled scopes

**Authorization Request**
OAuth 2 authorization request as defined in RFC 6749





_______________________________________________
Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net
http://lists.openid.net/mailman/listinfo/openid-specs-ab


More information about the Openid-specs-ab mailing list