If you are willing to draft one, it should be able to be done
reasonably quickly at OIDF.

On Mon, Jun 24, 2019 at 8:17 PM William Denniss
<[email protected]> wrote:
>
> Hi Taka,
>
> On Mon, Jun 24, 2019 at 12:16 PM Takahiko Kawasaki <[email protected]> wrote:
>>
>> Hi Justin,
>>
>> Thank you. Consensus will be that "openid" in the "scope" request parameter 
>> should trigger generation of an ID token.
>
>
> +1, and the last time I checked, that’s how Google's implementation behaved.
>
>> I'm wondering if the WG plans to mention it explicitly in the spec and add 
>> "acr_values" request parameter.
>
>
> No plans to do this. The spec is in the edit queue so such a change can't be 
> made and as Justin said it may be more appropriate in OpenID Foundation, if 
> it's needed.
>
> Best,
> William
>
>>
>> Best Regards,
>> Taka
>>
>>
>> 2019年6月25日(火) 1:13 Justin Richer <[email protected]>:
>>>
>>> Taka,
>>>
>>> My reading is that the device flow, like other OAuth flows, does not 
>>> prohibit extension, including passing back identity assertions like the ID 
>>> Token. Since it inherits the token response from core OAuth 2, the ID Token 
>>> could be issued along side the access token just like in the authorization 
>>> code flow.The user is present and interacting at the AS in both cases. In 
>>> fact, I’d say that there are enough similarities between the two that for 
>>> the most part it should “just work” and fit the assumptions of most 
>>> clients. That said, it’s technically true that there is no defined profile 
>>> for the combination of the device flow and OIDC, but if something like that 
>>> were to be written it would be better fit to the OpenID Foundation.
>>>
>>> — Justin
>>>
>>> On Jun 20, 2019, at 6:32 PM, Takahiko Kawasaki <[email protected]> wrote:
>>>
>>> Hello,
>>>
>>> Do you have any plan to update the specification of Device Flow to support 
>>> issue of ID tokens?
>>>
>>> OAuth 2.0 Device Authorization Grant
>>> https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/?include_text=1
>>>
>>> Best Regards,
>>> Takahiko Kawasaki
>>>
>>> _______________________________________________
>>> OAuth mailing list
>>> [email protected]
>>> https://www.ietf.org/mailman/listinfo/oauth
>>>
>>>
>> _______________________________________________
>> OAuth mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/oauth
>
> _______________________________________________
> OAuth mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/oauth



-- 
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to