Hi Marzio,
Of course I'm biased as I'm the editor of the "prompt=create" spec:)
That said, I wrote it specifically because the questions you raised
didn't have any good answers and the company I was working for needed
solutions. I don't know of any other initiative that tries to solve the
same problem (at least not in a standards based way).
The spec in the OIDC Working Group is at implementor's draft so we are
looking for people to implement and provide feed back to make sure the
spec is complete.
I don't know that it will be incorporated into OIDC Core but a few
implementations have already added support.
The spec (section 4.2) does describe a way for the authorization server
to advertise it supports the feature via the 'prompt_values_supported'
metadata item.
Thanks,
George
On 4/6/22 1:14 PM, Marzio Superina wrote:
Hi all,
Apologies if this is not the right audience, please direct me if you
are aware of a better one. Also, apologies if the questions below
sound trivial or have been raised too many times, I just joined.
Today I discovered this draft
https://openid.net/specs/openid-connect-prompt-create-1_0.html (very
late to the party I know...) and was wondering:
- How likely will it be incorporated into
https://openid.net/specs/openid-connect-core-1_0.html ? If likely, is
there a timeline ?
- Is there another initiative that tries to solve the same problem ?
- What is currently, if any, the recommended way for an
authorization server to support user registration as part of an
authorization request ?
- What is currently, if any, the recommended way for an
authorization server to advertise user registration in the discovery
endpoint ?
Many thanks in advance,
Marzio
_______________________________________________
specs mailing list
sp...@lists.openid.net
https://lists.openid.net/mailman/listinfo/openid-specs
_______________________________________________
specs mailing list
sp...@lists.openid.net
https://lists.openid.net/mailman/listinfo/openid-specs
