-
assigned issue to
OpenID Connect Back-Channel Logout 1.0: Explicit typing of the logout token?
Issue #1468
resolved
The current 06 draft doesn’t specify whether the logout token may be or is required to be explicitly typed, according to the referenced SET RFC 8417.
https://openid.net/specs/openid-connect-backchannel-1_0.html#LogoutToken
Comments (3)
-
-
- changed status to open
-
- changed status to resolved
- Log in to comment
I would propose that register the media type “
application/logout+jwt
“ for this purpose and makes its use RECOMMENDED for Logout Tokens.