OpenID ABConnect

In an effort to unify Artifact Binding (AB) and Connect (C), Breno (Google), John (Protiviti), and I did a bit of work at iiw and converged to the following split of the specs.

Sorting out the spec structure

So, the structure of the spec will be as follows. ( [A] and [C] indicates Artifact Binding WG work item and Connect WG work item respectively.)

  • JSON Web Token [A]
  • OpenID Connect “Core” (UserInfo Endpoint) [C]
  • Using OpenID 2.0 Identifiers and extensions [A]
  • Session Tokens [C]
  • Request Pointer (Artifact) [A]
  • Higher Level of Assurance [A]

I have to split the Artifact Binding draft into three, but that should not be too much work, hopefully. It certainly cause a bit of delay, but convergence would be more important, I suppose.

2 Replies to “OpenID ABConnect”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.