MSISDN claim value
Add claim value “MSISDN”. This value is defined in OpenID Connect MODRNA Authentication Profile as “The Subscriber identifier formated according to ITU-T recommendation [E.164]”.
Comments (10)
-
-
reporter As stated in the issue, the MSISDN is already defined in the MODRNA Authentication profile and as “telephone number uniquely identifying a subscription in a mobile network.” This attribute (or claim) is often request by RPs to be validated. Is there a reason why it shouldn’t be part of the OpenID Connect for Identity Assurance spec.?
-
Basically, any claim can be used with OIDC4IDA including all claims defined in other specs.
I took a look at https://openid.net/specs/openid-connect-modrna-authentication-1_0.html and it seems to define MSISDN as element of the login_hint_token only and not as an End-User claims. The spec also does not register the claim yet with the IANA registry https://www.iana.org/assignments/jwt/jwt.xhtml#claims.
Do you plan to add the registration?
-
reporter Yes, in MODRNA Authentication profile the misisdn is used in the login_hint_token as proposed in the initial proposal that you co-authored. :-)
As stated, the proposal was to add the MSISDN as a claim using the definition in MODRNA. Now, we can always rely on the OpenID Connect Core standard claim “phone_number” and the RP will receive a ‘a phone number’ in the response but it may or not be a mobile phone number which is what RPs are commonly asking for. I thought this would be an enhancement (given the requests that MNOs receive) but if that view isn’t shared then we can default to the OpenID Connect Core standard claim.
-
Long time ago when I contributed to this spec
I don’t mind to add MSISDN to eKYC-IDA, I just wanted to clarify that an extension of https://openid.net/specs/openid-connect-modrna-authentication-1_0.html (IANA registration) would lead to the same result.
Are there specific metadata (trust framework, verification method, …) that you would expect to be used in conjunction mit the MSISDN claim?
-
-
assigned issue to
-
assigned issue to
-
- changed status to open
-
please have a look onto #32
-
reporter I’ve reviewed and approved pr#32.
-
- changed status to resolved
- Log in to comment
@Bjorn Hjelm why do you think this should be added in OIDC4IDA and not MODRNA?