[Openid-specs-authzen] Proposal to Make id Optional in Resource Entity for AuthZEN Authorization API
Thumilan
thumilan.connect at gmail.com
Tue Mar 4 04:25:29 UTC 2025
Hi all,
I've been reviewing the *AuthZEN Authorization API specification
<https://openid.github.io/authzen>* and noticed that the *Resource* entity
includes the following required sub-elements:
- *type (REQUIRED)*: A string value specifying the type of the subject.
- *id (REQUIRED)*: A string value containing the unique identifier of
the subject, scoped to the type.
However, there are scenarios where the *id* cannot be determined or may be
irrelevant. For instance, when checking whether a subject *can create a
resource type*, there is no meaningful value for the id (as seen in
the *InterOp
Scenario for POST /Todo
<https://authzen-interop.net/docs/scenarios/todo-1.1/#post-todos>*).
Would it be possible to make *id optional* in the *Resource* entity to
accommodate such cases?
--
Best Regards,
Thumilan Mikunthan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-authzen/attachments/20250304/77852bbd/attachment.htm>
More information about the Openid-specs-authzen
mailing list