Federation error parameter operation is underspecified
The generic error response at https://openid.net/specs/openid-connect-federation-1_0-23.html#name-generic-error-response includes an operation
parameter that is not present in OAuth errors. There’s one example in the spec where the operation
value is resolve
but no other values for other operations are specified.
We should do one of two things: delete the operation
parameter, since the operation is already known in the context of the request that the error is in response to, or specify the operation
values for all operations.
I’m in favor of simply deleting it - aligning with the OAuth error format.
This is related to https://bitbucket.org/openid/connect/pull-requests/323.
Comments (5)
-
-
It seems that it’s a typo when the federation api was split into different endpoints, in the beginning there was only federation_api_endpoint and the error reported the operation, now I don't think it makes sense anymore, typo.
-
-
-
assigned issue to
-
assigned issue to
-
- changed status to resolved
- Log in to comment
I'm Ok with the deletion