[Openid-specs-fapi] Issue #150: Mandate at_hash check in the ID Token from the token endpoint (openid/fapi)
Nat Sakimura
issues-reply at bitbucket.org
Wed Jul 4 07:55:27 UTC 2018
New issue 150: Mandate at_hash check in the ID Token from the token endpoint
https://bitbucket.org/openid/fapi/issues/150/mandate-at_hash-check-in-the-id-token-from
Nat Sakimura:
In OIDC, `at_hash` is optional.
Our intention is to protect all the messages so we need to mandate it to be included and the check to be performed.
Responsible: Nat
More information about the Openid-specs-fapi
mailing list