Hi Johannes, At a high level, OpenID Connect implementers are expected to implement an OAuth2 service that issues an Access Token, along with the UserInfo webservice:
http://openid.net/specs/openid-connect-userinfo-1_0.html#anchor4 So after the user authenticates, the RP has an OAuth2 Access Token that can be used on the UserInfo endpoint to get attributes about the user. I believe that all the fields in the UserInfo response are optional, except for the user's identifier. IdPs are allowed to add more fields to the UserInfo response. I'm not sure if it makes any sense to implement OpenID Connect Core without the UserInfo service, so it might make sense to combine the two specs. Allen On Tue, Jul 19, 2011 at 9:45 AM, Johannes Ernst <jernst+openid.net@ netmesh.us> wrote: > > > I realize I have a hard time commenting on the Connect work until it is > clear what this minimum set of features is supposed to be. Perhaps that is > documented somewhere and I just haven't seen it? > >
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
