[Openid-specs-mobile-profile] Issue #80: CIBA: New notification callback behaviour when token request is made before notification received (openid/mobile)
Dave Tonge
issues-reply at bitbucket.org
Wed Aug 29 13:08:57 UTC 2018
New issue 80: CIBA: New notification callback behaviour when token request is made before notification received
https://bitbucket.org/openid/mobile/issues/80/ciba-new-notification-callback-behaviour
Dave Tonge:
The new notification callback mode will allow a Client to call the token endpoint with the backchannel grant type.
If the Client calls the endpoint before receiving a notification should the error be the same as for polling, i.e.
> The authorization request is still pending as the end-user hasn't yet been authenticated. It only applies when using Polling mode.
Or should there be a different error message.
At the heart of this issue is the question - can a Client configured to receive a notification that auth has happened also poll the token endpoint?
More information about the Openid-specs-mobile-profile
mailing list