-
assigned issue to
Messages 2.3.1 - Do we really need the UserInfo "schema" and "id" parameters?
We need to clarify whether it's the resposibility of the Client to always add the "schema=openid" parameter to all UserInfo requests or whether it's the responsibility of the OP to publish a UserInfo Endpoint address that contains any necessary parameters for the OpenID schema to be used, when necessary, which would mean that the Client would simply use the URL provided. I'm increasingly thinking we should do the latter.
If we do this, we would delete the text about the "schema" and "id" parameters from Messages, Basic, and Implicit entirely.
We could still give non-normative guidance in Discovery in the userinfo_endpoint description saying that if the resource supports multiple schemas, that it is the respibility of the OP to add whatever parameters are necessary to the URL provided so that the OpenID schema is used - for instance by including "?schema=openid" as part of the URL.
Comments (2)
-
reporter -
reporter - changed status to resolved
Fixed
#801- Removed "schema" and "id" parameters to UserInfo Endpoint. Fixed#791- Removed "invalid_schema" error.→ <<cset 2f929b399a3d>>
- Log in to comment
We will make this simplification. We will be clear that query parameters allowed in the endpoint address.