+1. I think there is room for many improvements in the OIDC core spec that we can do. Let's take those up as part of next major release (one after 5.1.0). For 5.1.0 lets focus on the minimum to be spec compliant.
Thanks, Johann. On Thu, Sep 11, 2014 at 12:37 AM, Gayan Gunawardana <ga...@wso2.com> wrote: > Hi All, > > According to openid connect spec [1], Implicit grant type also should > return ID token if scope is set to openid. up to IS 5.0 Implicit grant type > does not return ID token even scope is set to openid. Limitation will be > constructing ID token happens only for token request not for authorization > request. Since Implicit grant type has only single authorization request > there is no way to build an ID token. I think this limitation should be > resolved in next Identity Server release. > > WDYT ? > > > [1]openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth > -- > Gayan Gunawardana > Software Engineer; WSO2 Inc.; http://wso2.com/ > Email: ga...@wso2.com > Mobile: +94 (71) 8020933 > -- Thanks & Regards, *Johann Dilantha Nallathamby* Associate Technical Lead & Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
