-
assigned issue to
Undefined OAuth response parameter "user_id" appears in the text
Where is "user_id" defined?
Comments (14)
-
reporter -
reporter - changed status to open
-
• This is custom attribute added to OAUTH token response. • The use case : o Since clients are taking customer to bank website. o The customer enters user name and password on bank website and clients app only gets a token without a user identity o If clients have to present back bank website during re-authentication flow. Customer may enter different set of user name and password which results in totally different set of accounts data. o This user-id is unique identity of customer that got authenticated within OAUTH flow to get token.
-
reporter Thanks Anoop. Then, it is more or less the same with ID Token and ID Token Hint, except that it has more properties.
-
Tha is correct ... It comes close to Token Hint.
-
reporter Suggest that we then use ID Token and ID Token hint for our purpose, and put a NOTE saying that in DDA 1.0, a custom variable
user_id
is being used. -
That will work as it is consistent with OPENID implementation.
-
reporter - changed component to Part 1: RO Security
-
reporter - changed status to closed
- edited description
-
reporter - changed component to Part 1: Baseline
-
reporter - changed component to FAPI 1 - Part 1: Baseline
-
reporter - changed component to FAPI 1 – Part 1: Baseline
-
reporter - changed component to FAPI 1 – Baseline
-
reporter - changed component to FAPI 1: Baseline
- Log in to comment