[Openid-specs-mobile-profile] CIBA rename client_req_id to client_notification_token
Axel.Nennker at telekom.de
Axel.Nennker at telekom.de
Thu Dec 1 16:00:11 UTC 2016
Dear all,
CIBA defines client_req_id as
"client_req_id
REQUIRED. It is a unique id provided by the RP that will be used by the OpenID Provider as a bearer token to authenticate the callback request to send the tokens to the RP.
At the time of registering the Client at the OpenID Provider, the RP must provide the information about whether receiving the token response through a callback to the "client_notification_endpoint" or through a polling mechanism where the RP MUST poll the OpenID Provider repeatedly as defined in Successful Authentication Request Acknowledgement<http://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi#successful_authentication_request_acknowdlegment> until the end-user completes the approval process.
"
But this is more like an access token to the client notification endpoint, I think.
I suggest renaming client_req_id to client_notification_token in CIBA.
WDYT?
//Axel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-mobile-profile/attachments/20161201/b9135403/attachment.html>
More information about the Openid-specs-mobile-profile
mailing list