Hi John, If it is a bug in the test, should I report it as a git hub issue?
I can't find in the OpenID Connect specifications, where it says that openid scope should only return subject and issuer. If I configured in OP to return some other claim like name for openid scope other than subject and issuer, will it be a spec violation? Thank you. On Tue, Aug 8, 2017 at 6:26 PM, John Bradley <jbrad...@wingaa.com> wrote: > One School of thought (GDPR) is that you can only ask for claims that are > required. That is why it is essential as all are required. > > The openID scope should only return subject and issuer. You need to ask > for the specific claims that you want if you don't want all the claims in a > scope like profile. > > So it sounds like a bug in the test. > > John B. > > On Aug 8, 2017 7:49 AM, "Hasini Witharana" <hasinidila...@gmail.com> > wrote: > > Hi, > > Currently I am working with OpenID Connect Certification basic profile. In > the OP, I have configured some claims to be gained when the scope is > openid. When I send a authorization request with an essential claim I will > get all claims for openid and the essential claim. In the specifications > there is no, rule as It should return only the essential claim. > "OP-claims-essential" test is failing because unexpected claims are > returned. Can you please clarify this issue? > > -- > *Hasini Witharana* > Undergraduate | Department of Computer Science and Engineering > University of Moratuwa > Linkedin <https://www.linkedin.com/in/hasini-witharana-185785109/> > > _______________________________________________ > specs mailing list > sp...@lists.openid.net > http://lists.openid.net/mailman/listinfo/openid-specs > > > -- *Hasini Witharana* Undergraduate | Department of Computer Science and Engineering University of Moratuwa Linkedin <https://www.linkedin.com/in/hasini-witharana-185785109/>
_______________________________________________ specs mailing list sp...@lists.openid.net http://lists.openid.net/mailman/listinfo/openid-specs