Yes, this can break existing clients which has parsed current id_token and using these two values. One option is to introduce a new config to keep the old format of id_token and if the config value is switched, we support for the new format which is compliance for OIDC specification. We can deprecate supporting for old format after few releases.
Regards, Dinusha On Wed, Sep 20, 2017 at 9:26 AM, Hasini Witharana <[email protected]> wrote: > Hi, > > OIDC test suite has been updated and now new issues have come in basic > profile (where response_type=code). The issues are given below. > > 1. OP-scope-email > In here email_verified is returned as a string in id_token and it > should be a boolean value. > > 2. OP-scope-phone > In here phone_number_verified is returned as a string in id_token and > it should be a boolean value. > > If we change these parameters to return boolean values, will the existing > users get effected by that? > > Thank you. > -- > > *Hasini Witharana* > Software Engineering Intern | WSO2 > > > *Email : [email protected] <[email protected]>* > > *Mobile : +94713850143 <071%20385%200143>[image: > http://wso2.com/signature] <http://wso2.com/signature>* > -- Dinusha Dilrukshi Technical Lead WSO2 Inc.: http://wso2.com/ Mobile: +94764069991 Blog: http://dinushasblog.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
