Hi
OIDC UserInfo endpoint supports returning UserInfo directly in JSON or
JWS and/or JWE encoded. It is not only useful for OIDC RP clients but
also allows for supporting a proper HTTP content negotiation, example,
the implementation of OIDC UserInfo endpoint has a better choice of
where an optional JWE/JWS encoding can be done, directly in the code or
via the filters reacting to HTTP Accept.
IMHO it would be good to get it supported directly in OAuth2 token
responses too. Among other thing it would also help with making the
whole JOSE effort more popular.
Just an idea, I do not expect any action from the group, but hopefully
it will be reviewed over time
Sergey
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
