[Openid-specs-fapi] FAPI endpoints as IdP metadata?

Takahiko Kawasaki daru.tk at gmail.com
Tue Jan 17 18:51:49 UTC 2017


Dear Nat,

Thank you for your reply.

We would be able to devise various different ways to list up protected
resource endpoints. The simplest way is to list FAPI endpoints in a
response from /.well-known/openid-configuration. Another different way, for
example, is to list resource servers in a response from
/.well-known/openid-configuration and require the resource servers to
expose their configurations at /.well-known/???-configuration. Some other
ways can be devised, too.

I'm sorry I don't have any good idea, but I feel that we would be able to
find a better way than listing protected resource endpoints (except
UserInfo endpoint) in a response from /.well-known/openid-configuration.

Best,
Taka



2017-01-16 18:10 GMT+09:00 Nat Sakimura <n-sakimura at nri.co.jp>:

> Hi Takahiko,
>
>
>
> The topic is on part 3 and is still very much an open topic.
>
> We could definitely discuss it.
>
>
>
> Best,
>
>
>
> Nat Sakimura
>
>
>
> --
>
> PLEASE READ :This e-mail is confidential and intended for the
>
> named recipient only. If you are not an intended recipient,
>
> please notify the sender  and delete this e-mail.
>
>
>
> *From:* Openid-specs-fapi [mailto:openid-specs-fapi-
> bounces at lists.openid.net] *On Behalf Of *Takahiko Kawasaki via
> Openid-specs-fapi
> *Sent:* Wednesday, January 4, 2017 6:29 PM
> *To:* openid-specs-fapi at lists.openid.net
> *Subject:* [Openid-specs-fapi] FAPI endpoints as IdP metadata?
>
>
>
> Hello,
>
> I'm sorry I don't know discussion in the past, but I'd like to know
> whether it's already been agreed on that FAPI endpoints should be listed in
> a response from /.well-known/openid-configuration? (I'm reading "Part 3,
> 5.2 Endpoint Discovery".)
>
> FAPI endpoints are protected resource endpoints exposed by a resource
> server and I'm not so sure that it is appropriate to list the endpoints as
> metadata of an OpenID Provider. If it's been agreed on, it's okay and I
> won't stick to it, though.
>
> Best Regards,
> Takahiko Kawasaki
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20170118/2fd39827/attachment.html>


More information about the Openid-specs-fapi mailing list