[Openid-specs-fastfed] Question about 7.2.4 (Handshake Finalization)
McAdams, Darin
darinm at amazon.com
Wed Oct 16 23:19:00 UTC 2019
Good catch. Would it help if a signed JWT came along in this request as well?
From: Openid-specs-fastfed <openid-specs-fastfed-bounces at lists.openid.net> on behalf of Openid-specs-fastfed <openid-specs-fastfed at lists.openid.net>
Reply-To: Brian Rose <brian.rose at sailpoint.com>
Date: Thursday, October 10, 2019 at 11:12 AM
To: Openid-specs-fastfed <openid-specs-fastfed at lists.openid.net>
Subject: [Openid-specs-fastfed] Question about 7.2.4 (Handshake Finalization)
Hey all,
In my current POC implementation, I am attempting to set a flag to indicate that the full round trip has been completed in the finalization step. How does the Application Provider know the provider domain and the tenant id so that it can verify that it has been previously whitelisted and update any associated data that the Application Provider might want to log? During the registration, the JWT contains all of the necessary information to do the look up. Also, as a result, is that this endpoint is wide open.
Thanks!
Brian Rose
SailPoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fastfed/attachments/20191016/7e1b17e1/attachment.html>
More information about the Openid-specs-fastfed
mailing list