Hi Justin,

Thank you. Consensus will be that "openid" in the "scope" request parameter
should trigger generation of an ID token. I'm wondering if the WG plans to
mention it explicitly in the spec and add "acr_values" request parameter.

Best Regards,
Taka


On Tue, Jun 25, 2019 at 1:13, Justin Richer <[email protected]> wrote:

> Taka,
>
> My reading is that the device flow, like other OAuth flows, does not
> prohibit extension, including passing back identity assertions like the ID
> Token. Since it inherits the token response from core OAuth 2, the ID Token
> could be issued alongside the access token just like in the authorization
> code flow. The user is present and interacting at the AS in both cases. In
> fact, I’d say that there are enough similarities between the two that for
> the most part it should “just work” and fit the assumptions of most
> clients. That said, it’s technically true that there is no defined profile
> for the combination of the device flow and OIDC, but if something like that
> were to be written it would be better fit to the OpenID Foundation.
>
> — Justin
>
> On Jun 20, 2019, at 6:32 PM, Takahiko Kawasaki <[email protected]> wrote:
>
> Hello,
>
> Do you have any plan to update the specification of Device Flow to support
> issue of ID tokens?
>
> OAuth 2.0 Device Authorization Grant
>
> https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/?include_text=1
>
> Best Regards,
> Takahiko Kawasaki
>
> _______________________________________________
> OAuth mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/oauth
>
>
>