[Openid-specs-ab] Limiting a login request to a specific user
tbray at textuality.com
Mon Sep 22 22:34:16 UTC 2014
Cleanest way would probably be new parameters “login_must_be” /
”id_token_must_be”, same semantics as login_hint but substitution forbidden.
On Mon, Sep 22, 2014 at 3:26 PM, Mike Jones <Michael.Jones at microsoft.com>
> We have a use case in which we want to limit the login to the user
> specified via the login_hint and not allow the user to sign in as a
> different user. How would you suggest expressing that requirement? For
> instance, should we invent a new request parameter such as “this_user=true”
> (which could be used in combination with login_hint or id_token_hint)? Or
> might a “prompt” parameter value such as “prompt=this_user” be
> appropriate? Or would that possibly conflict with other uses of “prompt”?
> -- Mike
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
- Tim Bray (If you’d like to send me a private message, see
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Openid-specs-ab