[Openid-specs-ab] Issue #961: In example, 200 OK response should be 302 Found (openid/connect)

James Manger issues-reply at bitbucket.org
Mon Nov 3 00:46:31 UTC 2014


New issue 961: In example, 200 OK response should be 302 Found
https://bitbucket.org/openid/connect/issue/961/in-example-200-ok-response-should-be-302

James Manger:

The example authentication response in section 2 should be a redirect (eg 302) to the RP’s URI, particularly as there is an associated Location HTTP header.

Change:
  HTTP /1.1 200 OK
    Location: https://client.example.com/cb#
      id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IktleTAwMSJ9.ew0KIC
To:  HTTP /1.1 302 Found
    Location: https://client.example.com/cb#
      id_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IktleTAwMSJ9.ew0KIC





More information about the Openid-specs-ab mailing list