[has-PR] response_mode=post should define response format & add an example
https://openid.bitbucket.io/connect/openid-connect-self-issued-v2-1_0.html#section-10.1 currently says:
This specification introduces a new response mode
post
in accordance with [OAuth.Responses]. This response mode is used to request the Self-Issued OP to deliver the result of the authentication process to a certain endpoint using the HTTPPOST
method. The additional parameterresponse_mode
is used to carry this value.
I’m not sure if I missed any further definition?
It’s not clear to me how the parameters are returned. I think it might be “response parameters being encoded in the body using the application/x-www-form-urlencoded
format”?
An example of the response would also be good.
Comments (9)
-
-
POST /verifiablecredentials/present HTTP/1.1 Host: localhost:8080 Content-Type: application/x-www-form-urlencoded id_token=...&vp_token=...
is what msft has implemented for response_mode=post
-
endpoint where POST goes to is
redirect_uri
.direct POST, no browser involvement.
-
- changed title to [discuss/needs-PR] response_mode=post should define response format & add an example
-
- changed status to open
clarify the wallet knows how to change the UI based on the verifier's response.to the POST request.
agreed to start with a PR, and discuss in a separate issue Tobias' proposal to include a redirect_uri in the response from the verifier so that cross-device flow can be turned into a same-device flow and the user can continue on the wallet device as opposed to ending on a verifier device.
-
We discussed this during the 10-Oct-22 working group call.
-
-
-
- changed status to resolved
PR merged
- Log in to comment
Somewhere I got the impression that this post response mode was going to become PARM (
#1611) and get better/further defined.