OP-Initiated Logout without User Involvement
Aeneas Rekkas
aeneas at ory.sh
Sat Apr 25 11:17:22 UTC 2020
Sorry, I just realized that this went to the wrong mailing list (should probably be general)! Please excuse the noise.
> Am 25.04.2020 um 13:14 schrieb Aeneas Rekkas <aeneas at ory.sh>:
>
> Hi,
>
> we ( https://github.com/ory/hydra <https://github.com/ory/hydra> ) are receiving use cases for an OP-Initiated that does not involve the user’s browser and cookies. A use case might be that we want to perform Back-Channel Logout when the user changes his/her password.
>
> A simple use case would be that a user is banned by an administrator which in turn should trigger OIDC Back-Channel Logout. Is there any guidance on how this should be designed/implemented? Maybe even with an API Spec?
>
> Best
> Aeneas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20200425/b575ba7a/attachment.html>
More information about the specs
mailing list