Hi Torsten, the current model is that the Authorization Agent (AZA) may
itself obtain an id_token and use it to obtain an access token, but that
only access tokens would be 'handed over' by the AZA to its constituent
native apps.
Are you proposing that there may be value in allowing the AZA to also
hand over id_tokens (suitably targeted) as well?
paul
On 7/1/13 1:38 PM, Torsten Lodderstedt wrote:
Hi John,
I interpreted the text of the charter the other way around, so a
client would be able to use an(y) id_token (as a credential) to obtain
an access token. I'm fine if the mechanism is intended to support
id_token issuance.
regards,
Torsten.
Am 01.07.2013 15:06, schrieb John Bradley:
Hi Torsten,
In point 3 the charter talks about using id_tokens to get access tokens.
So it is imagined that the mechanism would issue id_tokens likely
along the lines that Google is doing for the play store by having a
3rd party as an audience and using "azp" to indicate the client the
token was issued to. We don't want to be too specific on the
solution in the charter.
If you think something needs to be added let me know.
John B.
On 2013-07-01, at 2:17 AM, Torsten Lodderstedt
<[email protected] <mailto:[email protected]>> wrote:
Hi,
it would be great to have such a mechanism across platforms!
I'm wondering whether the mechanism should issue id tokens as well.
Right now it seems to focus on access tokens.
Regards,
Torsten.
John Bradley <[email protected] <mailto:[email protected]>> schrieb:
The enclosed Work Group Charter is being sent to the Specs Council for
review in anticipation of chartering the Group.
It is best have this activity under the foundation IPR as soon as possible.
Regards
John B.
------------------------------------------------------------------------
specs mailing list
[email protected] <mailto:[email protected]>
http://lists.openid.net/mailman/listinfo/openid-specs
_______________________________________________
specs mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-specs
_______________________________________________
specs mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-specs
