Basic - 3.2.3 openid scope not authorized

Issue #70 resolved
jbufu
created an issue

Section 3.2.3 says:

"it is up to the Identity provider to determine if the authentication should proceed if the user declines to authorize scopes other than openid".

It should probably say authorization instead of authentication (authentication presumably happened before the authorization prompt was displayed).

Comments (3)

  1. Nat Sakimura

    Change

    it is up to the Identity provider to determine if the authentication should proceed if the user declines to authorize scopes other than openid.
    

    to

    it is up to the Identity provider to determine if an error should be returned in the case of the user declining to authorize scopes other than openid.
    
  2. Log in to comment