openid / connect / issues / #547 - Messages 2.1.2.1.1.1 - Spec not clear that user_id claim must be explicitly requested in userinfo claims member — Bitbucket

Issue #547 resolved

Michael Jones created an issue 2012-02-15

The spec should make it clear that when a request object is being used specifiying specific claims with the claims member, that the user_id claim is just another claim and must be requested, if wanted.

Comments (2)

Michael Jones reporter
- assigned issue to
  
  Michael Jones
- changed status to open
The general issue here is whether the claims listed in the request object replace those that may be requested by scope values or add to them.

The one issue with making them additive is that scopes aren't signed but the request object is. We didn't see this as a major problem.

The working group consensus was to make the claims requested by scopes and in the request object additive.
- 2012-03-02T20:39:57+00:00
Michael Jones reporter
- changed status to resolved
Fix ~~#547~~ Messages 2.1.2.1.1.1 - Spec not clear that user_id claim must be explicitly requested in userinfo claims member Now requested claims add to those requested with scope values, rather than replacing them.

→ deaff78acfcd
- 2012-03-16T05:06:05+00:00
Log in to comment

Assignee: Michael Jones

Type: bug

Priority: major

Status: resolved

Component: –

Milestone: –

Version: –

Votes: 0

Watchers: 0

Jira: the preferred issue tracker for Bitbucket. Join the team!