Basic - 4 misplaced normative text for check session endpoint

Issue #84 resolved
created an issue

Section 4 says:

"The id_token and Check Session Endpoint MUST be used to validate the identity of a session."

Not clear why a normative MUST that concerns the check session endpoint is placed under the Userinfo endpoint section.

Comments (3)

  1. Log in to comment