1. OpenID Foundation Avatar OpenID Foundation
  2. WGs
  3. connect
  4. Issues

Basic, Messages, Standard - Error response error codes augment OAuth Bearer codes, not OAuth Core codes

Issue #386 resolved
Michael Jones created an issue

Basic 2.3.3 (CheckID Error Response) currently says: "In addition to the error codes defined in Section 5.2 of OAuth 2.0 [OAuth2.0], this specification defines the following error codes".

This reference should be to the OAuth Bearer spec - not the OAuth Core spec.

The same problem occurs in these other sections:

Basic 3.3 (UserInfo Error Response)

Messages 4.3

Messages 5.3

Standard 4.3

Standard 5.3

Comments (4)

  2. Edmund Jay

    I agree that the UserInfo Endpoint errors should augment OAuth Bear codes since it's using Bearer Tokens. But the CheckID Endpoint does not use Bearer Tokens. Am I wrong?

  3. Michael Jones reporter

    John, Nat, and Mike discussed this. Yes, while the CheckID endpoint is not an OAuth resource endpoint per-se, the kinds of errors that could occur are the same, hence the decision to refer to the OAuth Bearer spec in both cases.

  5. Log in to comment
Assignee
Type
bug
Priority
minor
Status
resolved
Component
Milestone
Version
Votes
0
Watchers
0
Jira: the preferred issue tracker for Bitbucket. Join the team!