-
assigned issue to
- changed status to open
Basic - 3.2.3 openid scope not authorized
Issue #70
resolved
Section 3.2.3 says:
"it is up to the Identity provider to determine if the authentication should proceed if the user declines to authorize scopes other than openid".
It should probably say authorization instead of authentication (authentication presumably happened before the authorization prompt was displayed).
Comments (3)
-
-
Change
it is up to the Identity provider to determine if the authentication should proceed if the user declines to authorize scopes other than openid.
to
it is up to the Identity provider to determine if an error should be returned in the case of the user declining to authorize scopes other than openid.
-
- changed status to resolved
fixes
#70 - Log in to comment