- edited description
Session - 2 Definition of Identifier and Client Identifier (by Andreas)
The following is from Session Management -02 Section 2:
{{{ Client Identifier A unique identifier that the client uses to identify itself to the OP. Identifier An Identifier is either an "http" or "https" URI, (commonly referred to as a "URL" within this document), or an account URI. This document defines various kinds of Identifiers, designed for use in different contexts. }}}
Is Client Identifer an Identifier? If so, it is required to be an http or https URI, right? AFAIK that is more restrictive requirements on the client_id than in OAuth.
The spec would probably be more clear if it said that the Client Identifier is the same thing as the OAuth 2.0 client_id
Comments (2)
-
reporter -
reporter - changed status to resolved
Fix
#32- Definition of Identifier.Specified that Client Identifier is an OAuth client_id, and an Identifier can be any string though typically it will be an http or https url.
- Log in to comment