One School of thought (GDPR) is that you can only ask for claims that are 
required.   That is why it is essential as all are required.  

The openID scope should only return subject and issuer.   You need to ask for 
the specific claims that you want if you don't want all the claims in a scope 
like profile.  

So it sounds like a bug in the test.  

John B.  

On Aug 8, 2017 7:49 AM, "Hasini Witharana" < 
<>> wrote:

Currently I am working with OpenID Connect Certification basic profile. In the 
OP, I have configured some claims to be gained when the scope is openid. When I 
send a authorization request with  an essential claim I will get all claims for 
openid and the essential claim. In the specifications there is no, rule as It 
should return only the essential claim. "OP-claims-essential" test is failing 
because unexpected claims are returned. Can you please clarify this issue?

Hasini Witharana
Undergraduate | Department of Computer Science and Engineering
University of Moratuwa
Linkedin <>

specs mailing list <> 

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

specs mailing list

Reply via email to