Feedback on OIDC4IDA draft from Dima - part 2

Comments (6)

1. 

   Hodari McClain

   Requirements:

   1. paragraph 5 - check how to reference “this specification” correctly - see FAPI WG Issue #679

   Verified claims:

   1. change heading “5.2. verified_claims delivery“ to “5.2. Verified claims delivery“
   2. remove “OPs can deliver verified_claims in various ways.“
   3. update 2nd paragraph to “A verified_claims element can be added to an OpenID Connect UserInfo response and/or an ID Token.“ agree with the change; just to note--we have a mix of ‘UserInfo’ and ‘Userinfo’ sprinkled throughout ida now; should settle on one consistent style
   4. remove “OAuth authorization servers can add verified_claims to access tokens in JWT format or token introspection responses, either in plain JSON or JWT-protected format.“
   5. update paragraph before example to: “Here is an example of the payload of an ID Token including verified claims:“

   ‌

   • 2024-04-10T03:35:54+00:00
2. 

   Mark Haine reporter

   • changed status to open

   • 2024-04-10T13:31:33+00:00
3. 

   Mark Haine reporter

   • changed component to Assurance
   • changed milestone to IDA Final

   • 2024-04-10T13:32:07+00:00
4. 

   Hodari McClain

   todo: raise issue for UserInfo to match casing OIDC Core spec

   • 2024-04-10T15:18:31+00:00
5. 

   Hodari McClain

   PR#214

   • 2024-04-27T02:42:02+00:00
6. 

   Mark Haine reporter

   your comment about UserInfo casing should be addressed under Issue #1413 and perhaps PR #212 but I checked the master branch and it looks Ok to me

   • 2024-05-01T11:05:16+00:00
7. Log in to comment