If you are willing to draft one, it should be able to be done
reasonably quickly at OIDF.
On Mon, Jun 24, 2019 at 8:17 PM William Denniss
wrote:
>
> Hi Taka,
>
> On Mon, Jun 24, 2019 at 12:16 PM Takahiko Kawasaki wrote:
>>
>> Hi Justin,
>>
>> Thank you. Consensus will be that "openid" in the
Hi Taka,
On Mon, Jun 24, 2019 at 12:16 PM Takahiko Kawasaki
wrote:
> Hi Justin,
>
> Thank you. Consensus will be that "openid" in the "scope" request
> parameter should trigger generation of an ID token.
>
+1, and the last time I checked, that’s how Google's implementation
behaved.
I'm
Hi Justin,
Thank you. Consensus will be that "openid" in the "scope" request parameter
should trigger generation of an ID token. I'm wondering if the WG plans to
mention it explicitly in the spec and add "acr_values" request parameter.
Best Regards,
Taka
2019年6月25日(火) 1:13 Justin Richer :
>
Taka,
My reading is that the device flow, like other OAuth flows, does not prohibit
extension, including passing back identity assertions like the ID Token. Since
it inherits the token response from core OAuth 2, the ID Token could be issued
along side the access token just like in the
Hello,
Do you have any plan to update the specification of Device Flow to support
issue of ID tokens?
OAuth 2.0 Device Authorization Grant
https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/?include_text=1
Best Regards,
Takahiko Kawasaki
