[Metadata] general definition of Federation metadata claims for all the entity types
Issue #1547
resolved
In OIDC Federation for the metadata of RP and OP we have these additional claims
- organization_name
- jwks
- signed_jwks_uri
and also for OP only:
- client_registration_types_supported
- federation_registration_endpoint
- request_authentication_methods_supported
- request_authentication_signing_alg_values_supported
We may define these metadata claims also for Federation’s ASs, RSs and Clients.
The claims of the first group can be defined using a general text in the section “4. Metadata” because they are universal.
The second group should be defined for the AS.
Comments (2)
reporter - changed status to resolved
Done here https://bitbucket.org/openid/connect/pull-requests/246
We have a specialized section for OAuth2/OIDC only. We’re investigating how to enable SAML2 entities in the GAIN PoC; that’s a good opportunity to find a way to also transport the SAML2 metadata in OIDC Federation (challenging).
We could group metadata claims applicable to multiple kinds of entity types together as an editorial action. But if we do this, we should be clear that metadata claims such as jwks, etc. that are applicable to OpenID Connect entity types might not be applicable to other entity types, such as SAML SP, etc.