Expected behaviour of OP when don't have a requested claim

Issue #1111 resolved
Jorge Oliva created an issue

In OpenID Connect in for example “Authentication using the Authorization Code Flow“ what is the expected behaviour of the OP when a RP make a request for claims that OP don't know/have about an user, should return an error? should return a empty id token? When talk about empty i mean a id token just with a sub and no additional customer claims.


Comments (2)

  1. Log in to comment