Several doubts about value in individual claim requests (5.5.1)

Issue #1114 open
Víctor Herraiz Posada created an issue

We have several doubts reading the value member definition:

  • should “value” value do a “equals” validation against the actual value? or could it be something like a pattern?
  • the response should include the claim if there is a match?
  • If there is no match should fail as “sub” in “3.1.2.2. Authentication Request Validation” point 4.

https://openid.net/specs/openid-connect-core-1_0.html#IndividualClaimsRequests

https://openid.net/specs/openid-connect-core-1_0.html#AuthRequestValidation Point 4

Comments (3)

  1. Michael Jones
    • changed milestone to Errata
    • changed component to Core

    Responses to your questions:

    1. Yes, the comparisons are “equals” comparisons.
    2. Yes, the response should include the claim.
    3. Yes, 3.1.2.2 specifies that the request must fail under those circumstances.

  2. Log in to comment