[Openid-specs-ab] Issue #1101: clarify expected OP behaviour upon unsupported prompt parameter value (openid/connect)

panva issues-reply at bitbucket.org
Wed Aug 7 13:37:19 UTC 2019


New issue 1101: clarify expected OP behaviour upon unsupported prompt parameter value
https://bitbucket.org/openid/connect/issues/1101/clarify-expected-op-behaviour-upon

Filip Skokan:

Followup to [http://lists.openid.net/pipermail/openid-specs-ab/Week-of-Mon-20190805/007475.html](http://lists.openid.net/pipermail/openid-specs-ab/Week-of-Mon-20190805/007475.html)

What is the expected OP behaviour upon encountering an unsupported/invalid `prompt` parameter value? Error out or proceed and ignore the value?

What do existing implementations do today? I guess probably error \(render page, `invalid_request` or something proprietary\) but I did not do the due diligence to check.

My expectation is to error on unsupported values since not every `prompt` parameter value brings with it the “acknowledgement” in the form of a return parameter or claim inside the ID Token \(e.g. none, consent\)




More information about the Openid-specs-ab mailing list