Hi Taka, On Mon, Jun 24, 2019 at 12:16 PM Takahiko Kawasaki <t...@authlete.com> wrote:
> Hi Justin, > > Thank you. Consensus will be that "openid" in the "scope" request > parameter should trigger generation of an ID token. > +1, and the last time I checked, that’s how Google's implementation behaved. I'm wondering if the WG plans to mention it explicitly in the spec and add > "acr_values" request parameter. > No plans to do this. The spec is in the edit queue so such a change can't be made and as Justin said it may be more appropriate in OpenID Foundation, if it's needed. Best, William > Best Regards, > Taka > > > 2019年6月25日(火) 1:13 Justin Richer <jric...@mit.edu>: > >> Taka, >> >> My reading is that the device flow, like other OAuth flows, does not >> prohibit extension, including passing back identity assertions like the ID >> Token. Since it inherits the token response from core OAuth 2, the ID Token >> could be issued along side the access token just like in the authorization >> code flow.The user is present and interacting at the AS in both cases. In >> fact, I’d say that there are enough similarities between the two that for >> the most part it should “just work” and fit the assumptions of most >> clients. That said, it’s technically true that there is no defined profile >> for the combination of the device flow and OIDC, but if something like that >> were to be written it would be better fit to the OpenID Foundation. >> >> — Justin >> >> On Jun 20, 2019, at 6:32 PM, Takahiko Kawasaki <t...@authlete.com> wrote: >> >> Hello, >> >> Do you have any plan to update the specification of Device Flow to >> support issue of ID tokens? >> >> OAuth 2.0 Device Authorization Grant >> >> https://datatracker.ietf.org/doc/draft-ietf-oauth-device-flow/?include_text=1 >> >> Best Regards, >> Takahiko Kawasaki >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org >> https://www.ietf.org/mailman/listinfo/oauth >> >> >> _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
