OpenID Connect implementations are not required to implement this functionality 
but most do, by virtue of implementing the OpenID Connect metadata specified in 
https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata.  
The OAuth AS Metadata spec is intentionally compatible with this specification.

If you want to include the compatible OpenID Connect examples, there are 34 ASs 
and 9 clients listed at http://openid.net/certification/ that implement 
metadata compatible with the AS metadata specification.  See the "Config OP" 
and "Config RP" columns.

The usage examples I provided in my previous reply were all OAuth examples that 
did not assume an implementation of OpenID Connect.

                                Best wishes,
                                -- Mike

-----Original Message-----
From: Hannes Tschofenig [mailto:[email protected]] 
Sent: Tuesday, March 7, 2017 11:07 AM
To: Mike Jones <[email protected]>; [email protected]; Phil Hunt 
<[email protected]>
Subject: Re: [OAUTH-WG] Shepherd writeup for OAuth 2.0 Authorization Server 
Metadata

Hi Mike

thanks for the quick response and for the wording suggestions.

Regarding the implementations are OpenID Connect implementations required to 
implement this functionality?

On 03/07/2017 07:58 PM, Mike Jones wrote:
> 1) Implementation & deployment status of the spec
> 
> Microsoft has at least four deployments of the specification.
> William Denniss has said that Google uses the specification.  I 
> believe that Ping Identity also uses it.  The specification is used by 
> https://tools.ietf.org/html/draft-ietf-oauth-token-binding-01 and 
> https://tools.ietf.org/html/draft-ietf-oauth-device-flow-04.

Ciao
Hannes

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to