- edited description
entity_type as a query parameter
I’m curious to know if
- the entity listing request should include the entity_type as a query parameter
- the entity listing response should include the entity_type parameter as well
As of now, the entity listing response in 2 includes only Entity Identifiers, for example
[
"https://ntnu.andreas.labs.uninett.no/",
"https://blackboard.ntnu.no/openid/callback",
"https://serviceprovider.andreas.labs.uninett.no/application17"
]
How do we get say a list of OPs that can be used at RPs of federation A?
There is another thing as well the information from the federation_list_endpoint is basically available to all. Aren’t we exposing too much information?
Comments (6)
-
reporter -
I can only say that I’ve implemented exactly the same parameter name in the italian profile, see this slide
https://docs.google.com/presentation/d/1yXVU6aHbRr97ygtJGKz0whOeB_BDk2Mj_KWpAc06q8s/edit#slide=id.g11b9d38fbd4_0_104This same issues was rejected in the past, here:
https://bitbucket.org/openid/connect/issues/1358/search-query
-
I agree this proposal, my assumption is that the federation intermediary or the Trust anchor that onboards other Entities should know the federation roles of its descendants.
The PR below aims to resolve definitively this issue
https://bitbucket.org/openid/connect/pull-requests/348/feat-federation-listing-endpoint -
-
assigned issue to
-
assigned issue to
-
- changed status to resolved
-
reporter @Giuseppe De Marco , I’m curious if you also discussed
There is another thing as well the information from the federation_list_endpoint is basically available to all. Aren’t we exposing too much information?
- Log in to comment