- edited description
Discovery 3 - New metadata item for claims request
In Section 5.5 of OpenId Connect Core it is not clear whether all implementations should support both “openid” and “userinfo” as ways for specific claims to be returned. There are cases where support for one or other only may be desirable. Assuming that is agreed then an additional metadata entry is needed to communicate what the top level claims in the claims request parameter are supported.
There is a companion issue #1227 raised to clarify section 5.5 of the core spec in relation to this
Initial draft …
Add claims_responses_supported
Add definition: "A JSON array indicating the top-level members of the Claims request JSON object that are supported. Only valid when the “claims_parameter_supported” is present and true.
Comments (5)
-
reporter -
Good point. We probably need to write an extension to the Discovery spec.
-
Such extension would be helpful for OpenID Connect for Verifiable Presentations draft that is currently proposing to use claims request parameter.
-
The
claims
request parameter is not mandatory to implement (MTI). There is aclaims_parameter_supported
Discovery value saying whether an OP supports it or not. If you support this, you should support its parameters.Some form of discovery parameter about the claims locations supported could be added by an extension - particularly, if the extension adds a new one. But given that
claims
is defined in a final specification, we cannot make normative changes to it in the specification itself. -
- changed milestone to Ammendment
- Log in to comment