[Openid-specs-fapi] Issue #150: Mandate at_hash check in the ID Token from the token endpoint (openid/fapi)
issues-reply at bitbucket.org
Wed Jul 4 07:55:27 UTC 2018
New issue 150: Mandate at_hash check in the ID Token from the token endpoint
In OIDC, `at_hash` is optional.
Our intention is to protect all the messages so we need to mandate it to be included and the check to be performed.
More information about the Openid-specs-fapi