Why HybridIDToken ?
In the examples in 3.5.4 and 3.6.2 ”http://openid.net/specs/openid-connect-core-1_0.html#HybridIDToken” is given as an example of claim_token_format/format. I can’t see that Hybrid Flow ID Token provides the AS with any extra information compared to a ’normal’ ID Token that the AS can have any use of. Since the AS will most probably not have access to the code or the access_token value. Or am I missing something ? So, why choose it as an example. — Roland 'Look, that's why there's rules, understand? So that you think before you break ’em.’ - Terry Pratchett
In our original Claim Profiles spec (no longer operative), I think we used Hybrid Token to mean a token that might have extension claims in it, but I remember discussing this with someone recently and realizing that a) this isn’t quite the intent in OIDC, and b) “Hybrid” is hugely underspecified in OIDC. Our original notion came from Maciej — can you comment? Eve
On 23 Oct 2015, at 5:18 AM, Roland Hedberg <roland.hedberg@umu.se> wrote:
In the examples in 3.5.4 and 3.6.2
”http://openid.net/specs/openid-connect-core-1_0.html#HybridIDToken”
is given as an example of claim_token_format/format.
I can’t see that Hybrid Flow ID Token provides the AS with any extra information compared to a ’normal’ ID Token that the AS can have any use of. Since the AS will most probably not have access to the code or the access_token value.
Or am I missing something ?
So, why choose it as an example.
— Roland 'Look, that's why there's rules, understand? So that you think before you break ’em.’ - Terry Pratchett
_______________________________________________ WG-UMA mailing list WG-UMA@kantarainitiative.org http://kantarainitiative.org/mailman/listinfo/wg-uma
Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com
participants (2)
-
Eve Maler -
Roland Hedberg