Re: [OAUTH-WG] Step-up Auth: request acr as essential

"By reference": :) 1) There are two differences between acr_values and requesting acr as an essential claim. - the first one is that this document explicitly defines an oauth semantic for *acr_values*, hence we define here the intended effect on the access token. The same cannot be said for the *c

Re: [OAUTH-WG] Step-up Auth: request acr as essential

Thank you. 1) The same points are true to "acr_values". 2) The expressive power and popularity don't have to stop the spec from kindly mentioning the standardized way which was defined 8 years ago. Taka 2022年11月3日(木) 22:04 Vittorio Bertocci : > Hi Takahiko, > thanks for the comment! > The use

Re: [OAUTH-WG] Step-up Auth: request acr as essential

Hi Takahiko, thanks for the comment! The use of the claims parameter for this use case is tricky. 1) if used as is, requesting a particular acr via claims isn't guaranteed to have any effect on the content of an access token, if an access token is even present: OIDC only defines the claims as havin

[OAUTH-WG] Webex meeting invitation: OAuth WG Side Meeting on Thursday @ IETF115

BEGIN:VCALENDAR PRODID:-//Microsoft Corporation//Outlook 10.0 MIMEDIR//EN VERSION:2.0 METHOD:REQUEST BEGIN:VTIMEZONE TZID:Europe/London LAST-MODIFIED:20201011T015911Z TZURL:http://tzurl.org/zoneinfo-outlook/Europe/London X-LIC-LOCATION:Europe/London BEGIN:DAYLIGHT TZNAME:BST TZOFFSETFROM:+ TZOF

[OAUTH-WG] Webex meeting invitation: OAuth WG Side Meeting on Tuesday @ IETF115

BEGIN:VCALENDAR PRODID:-//Microsoft Corporation//Outlook 10.0 MIMEDIR//EN VERSION:2.0 METHOD:REQUEST BEGIN:VTIMEZONE TZID:Europe/London LAST-MODIFIED:20201011T015911Z TZURL:http://tzurl.org/zoneinfo-outlook/Europe/London X-LIC-LOCATION:Europe/London BEGIN:DAYLIGHT TZNAME:BST TZOFFSETFROM:+ TZOF