-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OIDC issuer should return metadata regarding its identity #206
Comments
OIDC defines OP metadata in https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata |
Thanks for the reply @elf-pavlik |
Only partially, and there, the purpose was constrained by a need to represent a client identifier document as JSON-LD. The discussion related to #199 (using the OpenID Federation specification) would potentially remove the need for this JSON-LD mapping entirely. Is there a particular reason you need OAuth2/OpenID Connect terms explicitly defined as IRIs? |
All entities involved in the Solid ecosystem, including identity providers, should provide at least basic information regarding their identity and contact information if they want to be compliant with data protection regulations. While is not the job of the Solid specs to describe/enforce this, at least a mention to it (maybe in the Privacy Considerations section of the specs?) should be made. |
The issuer entity already has a URI. This is encoded as the My earlier question was more centered around why expressing (for example) |
Hi.
I have been reading the Solid-OIDC and Solid-OIDC Primer specifications and I don't find any information regarding the
solid:oidcIssuer
information that should be publicly available.I think it would make sense to specify that a request made to the
solid:oidcIssuer
URI should return information on the identity of the issuer, e.g, the entity responsible for the domain, the entity responsible for hosting, contact information, privacy policy, terms & conditions, what data is necessary to create a WebID (email account,...) and so on.The text was updated successfully, but these errors were encountered: