OIDC Core - Distributed Claims missing phone_number in example
Issue #1065
resolved
Hi, When looking into the Agg/Distributed Claims examples, we have no consistency between the claims returned by the Claim Provider and the claims returned by the OpenID Provider.
In "Example of Aggregated Claims", address and phone_number are returned by the Claims Provider A. Then, _claim_names contains both address and phone_number as expected.
However, in "Example of Distributed Claims", shipping_address, payment and phone_number are returned by the Claims Provider B. But, _claim_names is missing phone_number.
In "Example of Distributed Claims", I'd suggest to add "phone_number": "src1" into the list of _claim_names to add more clarity.
Comments (5)
-
-
-
assigned issue to
Michael Jones
- changed milestone to Errata
-
assigned issue to
-
- changed status to open
-
Will be fixed by https://bitbucket.org/openid/connect/pull-requests/583
-
- changed status to resolved
- Log in to comment
It's intended that the examples demonstrate that not all claims provided as claim sources be logically returned in the resulting JWT - even if values are physically present in the claim sources. Also consider that if there are multiple sources, both might include the same claim name, whereas one or the other (or none of them) will be the claim source selected for that claim name.