Minimum feature for IdP is to implement User Authorization Endpoint, Token Endpoint, Introspection Endpoint. UserInfo Endpoint and Session Endpoint is optional, though I really would love to make UserInfo Endpoint a MUST.
These will be captured in the forthcoming document reorganization, so that basic Connect spec will have those MUST endpoint only. =nat On Wed, Jul 20, 2011 at 1:45 AM, Johannes Ernst <jernst+openid.net@ netmesh.us> wrote: > > On Jul 19, 2011, at 9:01, Allen Tom wrote: > > > >> I think the market has shown that an URL-based identity system without > any additional attributes (basic profile info, email address) or services > (the ability to send notifications to the user) is not really a viable > product, since the RP might as well have the user register a local account. > > I'd love to see the minimum viable list of features for an internet > identity system now in 2011, and get some agreement on those. Arguably one > of the failures of OpenID 2 has been that there was never any agreement on > those, so everybody implemented a different subset. > > I realize I have a hard time commenting on the Connect work until it is > clear what this minimum set of features is supposed to be. Perhaps that is > documented somewhere and I just haven't seen it? > > Cheers, > > > > Johannes. > > _______________________________________________ > specs mailing list > [email protected] > http://lists.openid.net/mailman/listinfo/openid-specs > -- Nat Sakimura (=nat) Chairman, OpenID Foundation http://nat.sakimura.org/ @_nat_en
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
