-
assigned issue to
Basic - 3.3. Clearer expression for id_token usage and audience
Issue #138
resolved
In Draft 13:
" ....
The id_token is used to manage the signon event and user identifier, separately from access to the UserInfo Endpoint and other OAuth 2.0 protected resources that the user is granting access to.
...."
This sentence is bit difficult to understand. id_token CAN NOT be used for UserInfo Endpoint and other resource, can be?
and next sentence looks bit strange:
"... The id_token is audience restricted to a particular client via the audience and nonce. ..."
"The id_token is restricted to a particular client via the audience and nonce" might be better.
Comments (3)
-
-
-
assigned issue to
-
assigned issue to
-
- changed status to resolved
fixes
#138Basic - 3.3. Clearer expression for id_token usage and audience - Log in to comment
reword