[PROPOSAL] bare response / bare request
Dick Hardt
dick at sxip.com
Sat Sep 30 17:09:15 PDT 2006
Motivating Use Case
----------------------------
The IdP would like to allow the user to click a link on the IdP to
login to an RP. This requires a bare response to be able to be sent.
A Trusted Party, acting as an RP would like to store a value at the
IdP, but does not need the IdP to send the user back, a bare request
is needed.
Proposed Implementation
-----------------------------------
bare request: if the openid.return_to parameter is missing or blank,
then the IdP will not send the user back to the RP
bare response: sending a bare response is valid (not sure we need to
do anything more then say it is OK to do)
More information about the specs
mailing list