[Openid-specs-ab] Scopes - Claims Mapping for Discovery ?

Michael Schwartz mike at gluu.org
Wed Nov 20 13:51:39 UTC 2013


I just wanted to mention that we thought this feature was useful. It may be worth providing this idea in the spec as an OPTIONAL feature...
 
In cases where there are custom scopes, and custom claims, it may not be obvious to the client which scopes to request to get the respective claims. For this reason, we added another field to help define the scope to claims mapping. Below is an example from http://seed.gluu.org/oxauth-rp:


"scope_to_claims_mapping": [
 {
 "scope": "openid",
 "claims": ["uid"]
 },
 {
 "scope": "address",
 "claims": [
 "homePostalAddress",
 "postalAddress",
 "street",
 "postOfficeBox",
 "postalCode",
 "l",
 "c",
 "st",
 "neighborhood",
 "roomNumber"
 ]
 },
 {
 "scope": "clientinfo",
 "claims": [
 "displayName",
 "inum",
 "oxAuthAppType",
 "oxAuthIdTokenSignedResponseAlg",
 "oxAuthRedirectURI",
 "oxAuthScope",
 "oxAuthCustomAttribute1",
 "oxAuthCustomAttribute2",
 "oxAuthCustomAttribute3"
 ]
 },
 {
 "scope": "http://docs.kantarainitiative.org/uma/scopes/prot.json",
 "claims": []
 },
 {
 "scope": "profile",
 "claims": [
 "displayName",
 "givenName",
 "sn",
 "preferredLanguage",
 "timezone",
 "photo1"
 ]
 },
 {
 "scope": "phone",
 "claims": [
 "homePhone",
 "mobile",
 "telephoneNumber",
 "facsimileTelephoneNumber"
 ]
 },
 {
 "scope": "http://docs.kantarainitiative.org/uma/scopes/authz.json",
 "claims": []
 },
 {
 "scope": "email",
 "claims": ["mail"]
 }
 ]


 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20131120/36cbc80c/attachment.html>


More information about the Openid-specs-ab mailing list