In the Finnish Mobile PKI service end users may opt-in for a Spam Prevention code . The code must be delivered with the user's Phone Number to the Mobile PKI operator to initiate mobile authentication process.
The Estonian and Lithuanian Mobile PKI service requires as input the end user's Phone Number and Personal Identification Code .
Should there be support for these kinds of fields in the CIBA Authentication Request?
It may be possible to encode these fields as service specific claims in login_hint_token, unless the login_hint_token is received from the discovery service.