-
assigned issue to
- changed status to open
Message - 3.1.2.1. What is "default Check ID claim sets" ?
Issue #170
resolved
"Check ID claim sets" != "ID Token claim sets" ?
If so, "OpenID Request Object" may have kinda "check_id" JSON node to request those claims other than default ones.
Comments (2)
-
-
- changed status to resolved
done
- Log in to comment
The Check ID endpoint decodes the id_token so the claims are always ==.
The default claim set for id_token is in 3.4.2
Yes the openID request object allows for additional claims to be asked for in the id_token.
Those claims are SHOULD be about the authentication event and not general claims about the user.
This is intended to provide extensibility.