Difference between revisions of "OC5:OP Features"
(Request File -> request_uri) |
(Specify default algorithms) |
||
| Line 289: | Line 289: | ||
|solution_role = OP | |solution_role = OP | ||
|test_description = Exchange with max_age request value of 30 seconds | |test_description = Exchange with max_age request value of 30 seconds | ||
| − | |acceptable = | + | |acceptable = auth_time claim returned and causes reauthentication when authentication age over 30 seconds |
|not_acceptable = Fails | |not_acceptable = Fails | ||
|testlist = [[OC5:FeatureTest-Providing ID Token with max_age Restriction]] | |testlist = [[OC5:FeatureTest-Providing ID Token with max_age Restriction]] | ||
| Line 988: | Line 988: | ||
|feature_type = interop | |feature_type = interop | ||
|solution_role = OP | |solution_role = OP | ||
| − | |test_description = Accept registration for signed UserInfo responses and send them | + | |test_description = Accept registration for signed UserInfo responses using RS256 and send them |
|acceptable = Accepts registration for signed UserInfo responses and sends them | |acceptable = Accepts registration for signed UserInfo responses and sends them | ||
|not_acceptable = Registration not accepted or UserInfo response not signed | |not_acceptable = Registration not accepted or UserInfo response not signed | ||
| Line 1,002: | Line 1,002: | ||
|feature_type = interop | |feature_type = interop | ||
|solution_role = OP | |solution_role = OP | ||
| − | |test_description = Accept registration for encrypted UserInfo responses and send them | + | |test_description = Accept registration for encrypted UserInfo responses using RSA1_5 and A128CBC-HS256 and send them |
|acceptable = Accepts registration for encrypted UserInfo responses and sends them | |acceptable = Accepts registration for encrypted UserInfo responses and sends them | ||
|not_acceptable = Registration not accepted or UserInfo response not encrypted | |not_acceptable = Registration not accepted or UserInfo response not encrypted | ||
| Line 1,016: | Line 1,016: | ||
|feature_type = interop | |feature_type = interop | ||
|solution_role = OP | |solution_role = OP | ||
| − | |test_description = Accept registration for signed and encrypted UserInfo responses and send them | + | |test_description = Accept registration for signed and encrypted UserInfo responses using RS256, RSA1_5, and A128CBC-HS256 and send them |
|acceptable = Accepts registration for signed and encrypted UserInfo responses and sends them | |acceptable = Accepts registration for signed and encrypted UserInfo responses and sends them | ||
|not_acceptable = Registration not accepted or UserInfo response not signed and encrypted | |not_acceptable = Registration not accepted or UserInfo response not signed and encrypted | ||
| Line 1,030: | Line 1,030: | ||
|feature_type = interop | |feature_type = interop | ||
|solution_role = OP | |solution_role = OP | ||
| − | |test_description = Accept registration for encrypted ID Token responses and send them | + | |test_description = Accept registration for encrypted ID Token responses using RSA1_5 and A128CBC-HS256 and send them |
|acceptable = Accepts registration for encrypted ID Token responses and sends them | |acceptable = Accepts registration for encrypted ID Token responses and sends them | ||
|not_acceptable = Registration not accepted or ID Token response not encrypted | |not_acceptable = Registration not accepted or ID Token response not encrypted | ||
| Line 1,044: | Line 1,044: | ||
|feature_type = interop | |feature_type = interop | ||
|solution_role = OP | |solution_role = OP | ||
| − | |test_description = Accept registration for signed and encrypted ID Token responses and send them | + | |test_description = Accept registration for signed and encrypted ID Token responses using RS256, RSA1_5, and A128CBC-HS256 and send them |
|acceptable = Accepts registration for signed and encrypted ID Token responses and sends them | |acceptable = Accepts registration for signed and encrypted ID Token responses and sends them | ||
|not_acceptable = Registration not accepted or ID Token response not signed and encrypted | |not_acceptable = Registration not accepted or ID Token response not signed and encrypted | ||
Revision as of 17:54, 11 June 2014
{{#vardefine:DtArticleSortKey|}}
Feature-Support id_token Response Type
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support id_token Response Type|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support id_token Response Type - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support id_token Response Type | Exchange with response_type of id_token | Works | Fails |
Tests
OC5:FeatureTest-Support id_token Response Type
Feature-Support code Response Type
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support code Response Type|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support code Response Type - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support code Response Type | Exchange with response_type of code | Works | Fails |
Tests
OC5:FeatureTest-Support code Response Type
Feature-Support token Response Type
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support token Response Type|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support token Response Type - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support token Response Type | Exchange with response_type of token | Works | Fails |
Tests
OC5:FeatureTest-Support token Response Type
Feature-Support Combination of id_token code Response Types
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Combination of id_token code Response Types|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Combination of id_token code Response Types - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support Combination of id_token code Response Types | Exchange with response_type of id_token code | Works | Fails |
Tests
OC5:FeatureTest-Support Combination of id_token code Response Types
Feature-Support Combination of id_token token Response Types
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Combination of id_token token Response Types|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Combination of id_token token Response Types - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support Combination of id_token token Response Types | Exchange with response_type of id_token token | Works | Fails |
Tests
OC5:FeatureTest-Support Combination of id_token token Response Types
Feature-Support Combination of code token Response Types
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Combination of code token Response Types|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Combination of code token Response Types - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Support Combination of code token Response Types | Exchange with response_type of code token | Works | Fails |
Tests
OC5:FeatureTest-Support Combination of code token Response Types
Feature-Support Combination of code id_token token Response Types
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Combination of code id_token token Response Types|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Combination of code id_token token Response Types - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Support Combination of code id_token token Response Types | Exchange with response_type of code id_token token | Works | Fails |
Tests
OC5:FeatureTest-Support Combination of code id_token token Response Types
Feature-Support Authentication to Token Endpoint using HTTP Basic with POST
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Authentication to Token Endpoint using HTTP Basic with POST|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Authentication to Token Endpoint using HTTP Basic with POST - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support Authentication to Token Endpoint using HTTP Basic with POST | Obtain Token using client_secret_basic Method with POST | Works | Fails |
Tests
OC5:FeatureTest-Support Authentication to Token Endpoint using HTTP Basic with POST
Feature-Support Authentication to Token Endpoint using Form-Encoded Client Credentials in POST Body
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Authentication to Token Endpoint using Form-Encoded Client Credentials in POST Body|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Authentication to Token Endpoint using Form-Encoded Client Credentials in POST Body - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support Authentication to Token Endpoint using Form-Encoded Client Credentials in POST Body | Obtain Token using client_secret_post method | Works | Fails |
Tests
Feature-Support Authentication to Token Endpoint with Asymmetrically Signed JWTs
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Authentication to Token Endpoint with Asymmetrically Signed JWTs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Authentication to Token Endpoint with Asymmetrically Signed JWTs - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support Authentication to Token Endpoint with Asymmetrically Signed JWTs | Obtain Token using private_key_jwt Method | Works | Fails |
Tests
OC5:FeatureTest-Support Authentication to Token Endpoint with Asymmetrically Signed JWTs
Feature-Support Authentication to Token Endpoint with Symmetrically Signed JWTs
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Authentication to Token Endpoint with Symmetrically Signed JWTs|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Authentication to Token Endpoint with Symmetrically Signed JWTs - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support Authentication to Token Endpoint with Symmetrically Signed JWTs | Obtain Token using client_secret_jwt Method | Works | Fails |
Tests
OC5:FeatureTest-Support Authentication to Token Endpoint with Symmetrically Signed JWTs
Feature-UserInfo Endpoint
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:UserInfo Endpoint|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP UserInfo Endpoint - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| UserInfo Endpoint | Exchange Returning Claims from UserInfo Endpoint | Works | Fails |
Tests
OC5:FeatureTest-UserInfo Endpoint
Feature-UserInfo Endpoint Access with Header Method
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:UserInfo Endpoint Access with Header Method|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP UserInfo Endpoint Access with Header Method - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| UserInfo Endpoint Access with Header Method | UserInfo Endpoint Exchange using Header Method | Works | Fails |
Tests
OC5:FeatureTest-UserInfo Endpoint Access with Header Method
Feature-UserInfo Endpoint Access with Form-Encoded Body Method
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:UserInfo Endpoint Access with Form-Encoded Body Method|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP UserInfo Endpoint Access with Form-Encoded Body Method - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| UserInfo Endpoint Access with Form-Encoded Body Method | UserInfo Endpoint Exchange using Form-Encoded Body Method | Works | Fails |
Tests
OC5:FeatureTest-UserInfo Endpoint Access with Form-Encoded Body Method
Feature-Support scope Requesting No Specific Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support scope Requesting No Specific Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support scope Requesting No Specific Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support scope Requesting No Specific Claims | Exchange with scope of openid | sub claim returned | Fails |
Tests
OC5:FeatureTest-Support scope Requesting No Specific Claims
Feature-Support scope Requesting profile Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support scope Requesting profile Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support scope Requesting profile Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support scope Requesting profile Claims | Exchange with scope of openid profile | sub and available default profile claims (name, family_name, given_name, middle_name, nickname, profile, picture, website, gender, birthday, zoneinfo, locale, updated_time) returned | Fails |
Tests
OC5:FeatureTest-Support scope Requesting profile Claims
Feature-Support scope Requesting email Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support scope Requesting email Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support scope Requesting email Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support scope Requesting email Claims | Exchange with scope of openid email | sub returned and email and verified claims returned, if available | Fails |
Tests
OC5:FeatureTest-Support scope Requesting email Claims
Feature-Support scope Requesting address Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support scope Requesting address Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support scope Requesting address Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support scope Requesting address Claims | Exchange with scope of openid address | sub returned and address claim returned, if available | Fails |
Tests
OC5:FeatureTest-Support scope Requesting address Claims
Feature-Support scope Requesting phone Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support scope Requesting phone Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support scope Requesting phone Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support scope Requesting phone Claims | Exchange with scope of openid phone | sub returned and phone_number claim returned, if available | Fails |
Tests
OC5:FeatureTest-Support scope Requesting phone Claims
Feature-Support scope Requesting All Basic Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support scope Requesting All Basic Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support scope Requesting All Basic Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support scope Requesting All Basic Claims | Exchange with scope of openid profile email address phone | sub returned and all other available Connect claims returned | Fails |
Tests
OC5:FeatureTest-Support scope Requesting All Basic Claims
Feature-Providing ID Token with max_age Restriction
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing ID Token with max_age Restriction|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing ID Token with max_age Restriction - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Providing ID Token with max_age Restriction | Exchange with max_age request value of 30 seconds | auth_time claim returned and causes reauthentication when authentication age over 30 seconds | Fails |
Tests
OC5:FeatureTest-Providing ID Token with max_age Restriction
Feature-Support display value page
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support display value page|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support display value page - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support display value page | Exchange with display value of page | Works | Fails |
Tests
OC5:FeatureTest-Support display value page
Feature-Support display value popup
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support display value popup|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support display value popup - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support display value popup | Exchange with display value of popup | Works | Fails |
Tests
OC5:FeatureTest-Support display value popup
Feature-Support prompt value none
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support prompt value none|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support prompt value none - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support prompt value none | Exchange with prompt value of none | Works | Fails |
Tests
OC5:FeatureTest-Support prompt value none
Feature-Support prompt value login
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support prompt value login|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support prompt value login - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support prompt value login | Exchange with prompt value of login | Works | Fails |
Tests
OC5:FeatureTest-Support prompt value login
Feature-Uses Asymmetric ID Token Signatures
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Uses Asymmetric ID Token Signatures|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Uses Asymmetric ID Token Signatures - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Uses Asymmetric ID Token Signatures | Sign ID Token with RS256 | Works | Fails |
Tests
OC5:FeatureTest-Uses Asymmetric ID Token Signatures
Feature-Uses Symmetric ID Token Signatures
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Uses Symmetric ID Token Signatures|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Uses Symmetric ID Token Signatures - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Uses Symmetric ID Token Signatures | Sign ID Token with HS256 | Works | Fails |
Tests
OC5:FeatureTest-Uses Symmetric ID Token Signatures
Feature-Support WebFinger Discovery
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support WebFinger Discovery|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support WebFinger Discovery - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support WebFinger Discovery | Exchange in which RP discovers user's OP location with WebFinger | Works | Fails |
Tests
OC5:FeatureTest-Support WebFinger Discovery
Feature-Publish openid-configuration Discovery Information
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Publish openid-configuration Discovery Information|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Publish openid-configuration Discovery Information - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Publish openid-configuration Discovery Information | OP publishes OP metadata at <issuer>/.well-known/openid-configuration | OP metadata discoverable | OP metadata not discoverable |
Tests
OC5:FeatureTest-Publish openid-configuration Discovery Information
Feature-Enables Dynamic Registration
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Enables Dynamic Registration|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Enables Dynamic Registration - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Enables Dynamic Registration | Exchange Registering New Client | Works | Fails |
Tests
OC5:FeatureTest-Enables Dynamic Registration
Feature-Providing Aggregated Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing Aggregated Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing Aggregated Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Providing Aggregated Claims | Exchange with Aggregated Claims | Works | Fails |
Tests
OC5:FeatureTest-Providing Aggregated Claims
Feature-Providing Distributed Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing Distributed Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing Distributed Claims - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Providing Distributed Claims | Exchange with Distributed Claims | Works | Fails |
Tests
OC5:FeatureTest-Providing Distributed Claims
Feature-Providing public sub Value
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing public sub Value|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing public sub Value - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Providing public sub Value | Exchange with public sub Value | Works | Fails |
Tests
OC5:FeatureTest-Providing public sub Value
Feature-Providing pairwise sub Value
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing pairwise sub Value|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing pairwise sub Value - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Providing pairwise sub Value | Exchange with pairwise sub Value | Works | Fails |
Tests
OC5:FeatureTest-Providing pairwise sub Value
Feature-Public and pairwise sub Values Differ
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Public and pairwise sub Values Differ|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Public and pairwise sub Values Differ - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Public and pairwise sub Values Differ | Request public and pairwise sub values and verify they differ | The public and pairwise sub values differ | The public and pairwise sub values are the same |
Tests
OC5:FeatureTest-Public and pairwise sub Values Differ
Feature-Support request_uri Request Parameter
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support request_uri Request Parameter|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support request_uri Request Parameter - Maturity: Established {{#if: OC3 | (OC3 ) }} | |||
|---|---|---|---|
| Support request_uri Request Parameter | Exchange with request_uri referencing Request Object using alg none | Works | Fails |
Tests
OC5:FeatureTest-Support request_uri Request Parameter
Feature-Includes at_hash in ID Token when Implicit Flow Used
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Includes at_hash in ID Token when Implicit Flow Used|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP
Receive request with response_type of token id_token Includes at_hash in ID Token when Implicit Flow Used - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Includes at_hash in ID Token when Implicit Flow Used | at_hash for token returned in id_token | at_hash not returned or incorrectly computed | |
Tests
OC5:FeatureTest-Includes at_hash in ID Token when Implicit Flow Used
Feature-Includes c_hash in ID Token when Code Flow Used
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Includes c_hash in ID Token when Code Flow Used|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Includes c_hash in ID Token when Code Flow Used - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Includes c_hash in ID Token when Code Flow Used | Receive request with response_type of code | c_hash for code returned in id_token | c_hash not returned or incorrectly computed |
Tests
OC5:FeatureTest-Includes c_hash in ID Token when Code Flow Used
Feature-Reject Request Without response_type
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Reject Request Without response_type|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Reject Request Without response_type - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Reject Request Without response_type | Receive authorization request missing the response_type parameter | Request is rejected | Request is accepted |
Tests
OC5:FeatureTest-Reject Request Without response_type
Feature-Ignores Extra Query Component in Request
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Ignores Extra Query Component in Request|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Ignores Extra Query Component in Request - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Ignores Extra Query Component in Request | Receive request with response_type of code and an extra query parameter | Extra query parameter ignored | Request fails |
Tests
OC5:FeatureTest-Ignores Extra Query Component in Request
Feature-Preserves Query Parameter in redirect_uri
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Preserves Query Parameter in redirect_uri|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Preserves Query Parameter in redirect_uri - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Preserves Query Parameter in redirect_uri | Receive request with query parameter in redirect_uri | Query parameter included in authorization response | Query param not included |
Tests
OC5:FeatureTest-Preserves Query Parameter in redirect_uri
Feature-Preserves Query Parameter in Registered redirect_uri
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Preserves Query Parameter in Registered redirect_uri|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Preserves Query Parameter in Registered redirect_uri - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Preserves Query Parameter in Registered redirect_uri | Receive registration request in which the redirect_uri has a query component | Preserves query component | Discards query component |
Tests
OC5:FeatureTest-Preserves Query Parameter in Registered redirect_uri
Feature-Rejects redirect_uri when Query Parameter Does Not Match
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Rejects redirect_uri when Query Parameter Does Not Match|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Rejects redirect_uri when Query Parameter Does Not Match - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Rejects redirect_uri when Query Parameter Does Not Match | Receive request with same base redirect_uri value but different query parameter in redirect_uri | Rejects request | Accepts request |
Tests
OC5:FeatureTest-Rejects redirect_uri when Query Parameter Does Not Match
Feature-Reject Registration of redirect_uri with Fragment
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Reject Registration of redirect_uri with Fragment|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Reject Registration of redirect_uri with Fragment - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Reject Registration of redirect_uri with Fragment | Receive registration request in which the redirect_uri has a fragment | Request is rejected | Request is accepted |
Tests
OC5:FeatureTest-Reject Registration of redirect_uri with Fragment
Feature-Reject redirect_uri Not Matching a Registered redirect_uri
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Reject redirect_uri Not Matching a Registered redirect_uri|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Reject redirect_uri Not Matching a Registered redirect_uri - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Reject redirect_uri Not Matching a Registered redirect_uri | Receive request with redirect_uri not matching a registered redirect_uri | Request is rejected | Request is accepted |
Tests
OC5:FeatureTest-Reject redirect_uri Not Matching a Registered redirect_uri
Feature-Accept Request Without redirect_uri when One Registered
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Accept Request Without redirect_uri when One Registered|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Accept Request Without redirect_uri when One Registered - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Accept Request Without redirect_uri when One Registered | Receive request without redirect_uri when one redirect_uri registered | Request accepted and registered redirect_uri is used | Request is rejected |
Tests
OC5:FeatureTest-Accept Request Without redirect_uri when One Registered
Feature-Reject Request Without redirect_uri when Multiple Registered
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Reject Request Without redirect_uri when Multiple Registered|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Reject Request Without redirect_uri when Multiple Registered - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Reject Request Without redirect_uri when Multiple Registered | Receive request without redirect_uri when multiple redirect_uri values registered | Request is rejected | Request is accepted |
Tests
OC5:FeatureTest-Reject Request Without redirect_uri when Multiple Registered
Feature-Support id_token Hint Parameter
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support id_token Hint Parameter|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support id_token Hint Parameter - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Support id_token Hint Parameter | Receive request with id_token parameter | Works | Fails |
Tests
OC5:FeatureTest-Support id_token Hint Parameter
Feature-Support claims Request Specifying sub Value
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support claims Request Specifying sub Value|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support claims Request Specifying sub Value - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Support claims Request Specifying sub Value | Receive request specifying requested sub value using claims request parameter | If that user is logged in, the request succeeds, otherwise it fails | Other behaviors |
Tests
OC5:FeatureTest-Support claims Request Specifying sub Value
Feature-Support claims Request Specifying sub Value when prompt none Used
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support claims Request Specifying sub Value when prompt none Used|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support claims Request Specifying sub Value when prompt none Used - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Support claims Request Specifying sub Value when prompt none Used | Receive request specifying requested sub value using claims request parameter and using the prompt value none | If that user is logged in without prompting for credentials, the request succeeds, otherwise it fails | Other behaviors |
Tests
OC5:FeatureTest-Support claims Request Specifying sub Value when prompt none Used
Feature-Displays Logo in Login Page
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Displays Logo in Login Page|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Displays Logo in Login Page - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Displays Logo in Login Page | OP displays registered client logo in login page | Shown | Not shown |
Tests
OC5:FeatureTest-Displays Logo in Login Page
Feature-Displays Policy URI in Login Page
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Displays Policy URI in Login Page|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Displays Policy URI in Login Page - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Displays Policy URI in Login Page | OP displays registered policy URI in login page | Shown | Not shown |
Tests
OC5:FeatureTest-Displays Policy URI in Login Page
Feature-Supports Returning Claims in ID Token
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Supports Returning Claims in ID Token|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Supports Returning Claims in ID Token - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Supports Returning Claims in ID Token | Claims request requests that the name and email and claims be returned in the ID Token and requests no claims from the UserInfo endpoint | Claims returned in ID Token and not the UserInfo endpoint | Claims not returned in ID Token or returned at UserInfo endpoint |
Tests
OC5:FeatureTest-Supports Returning Claims in ID Token
Feature-Supports Returning Different Claims in ID Token and UserInfo Endpoint
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Supports Returning Different Claims in ID Token and UserInfo Endpoint|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Supports Returning Different Claims in ID Token and UserInfo Endpoint - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Supports Returning Different Claims in ID Token and UserInfo Endpoint | Claims request requests that the name and email and claims be returned in the ID Token and requests the given_name and family_name claims from the UserInfo endpoint | Claims are returned from locations requested | Claims are not returned or are returned at the wrong locations |
Tests
OC5:FeatureTest-Supports Returning Different Claims in ID Token and UserInfo Endpoint
Feature-Supports Combining Claims Requested with scope and claims Request Parameter
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Supports Combining Claims Requested with scope and claims Request Parameter|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Supports Combining Claims Requested with scope and claims Request Parameter - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Supports Combining Claims Requested with scope and claims Request Parameter | Request uses email scope to request email and email_verified claims and claims request parameter to request given_name and family_name claims from UserInfo endpoint | The claims email, email_verified, given_name, and family_name are all returned from the UserInfo endpoint | Not all of the claims requested are returned |
Tests
OC5:FeatureTest-Supports Combining Claims Requested with scope and claims Request Parameter
Feature-Supports using Sector Identifier for Pairwise sub Values
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Supports using Sector Identifier for Pairwise sub Values|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Supports using Sector Identifier for Pairwise sub Values - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Supports using Sector Identifier for Pairwise sub Values | Pairwise sub values returned computed using sector_identifier_uri | Same pairwise sub returned for different registered redirect_uri values | Different pairwise sub values returned when sector identifier contains the redirect_uri values |
Tests
OC5:FeatureTest-Supports using Sector Identifier for Pairwise sub Values
Feature-Rejects Sector Identifier Not Containing Registered redirect_uri Values
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Rejects Sector Identifier Not Containing Registered redirect_uri Values|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Rejects Sector Identifier Not Containing Registered redirect_uri Values - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Rejects Sector Identifier Not Containing Registered redirect_uri Values | Registration request received in which the list of redirect_uri values at the sector_identifier_uri does not include all the registered redirect_uri values | Request is rejected | Request succeeds |
Tests
OC5:FeatureTest-Rejects Sector Identifier Not Containing Registered redirect_uri Values
Feature-Support Requests Containing nonce
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Requests Containing nonce|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Requests Containing nonce - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Support Requests Containing nonce | Receive request using implicit flow containing a nonce | Nonce value returned in ID Token | Nonce value not returned |
Tests
OC5:FeatureTest-Support Requests Containing nonce
Feature-Support Requests Without nonce
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Requests Without nonce|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Requests Without nonce - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Support Requests Without nonce | Receive request using code flow without a nonce | Works | Fails or nonce returned |
Tests
OC5:FeatureTest-Support Requests Without nonce
Feature-Reject Requests Without nonce Using Implicit Flow
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Reject Requests Without nonce Using Implicit Flow|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Reject Requests Without nonce Using Implicit Flow - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Reject Requests Without nonce Using Implicit Flow | Receive request using implicit flow without a nonce | Request is rejected | Request succeeds |
Tests
OC5:FeatureTest-Reject Requests Without nonce Using Implicit Flow
Feature-Providing Individually Requested Essential Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing Individually Requested Essential Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing Individually Requested Essential Claims - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Providing Individually Requested Essential Claims | Exchange using claims Request with Essential name Claim | Specific requested claims returned and no others, or error returned if all not available | Fails |
Tests
OC5:FeatureTest-Providing Individually Requested Essential Claims
Feature-Providing Individually Requested Voluntary Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing Individually Requested Voluntary Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing Individually Requested Voluntary Claims - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Providing Individually Requested Voluntary Claims | Exchange using claims Request with Voluntary email and picture Claims | Specific available voluntary claims returned and no others | Fails |
Tests
OC5:FeatureTest-Providing Individually Requested Voluntary Claims
Feature-Providing Individually Requested Essential and Voluntary Claims
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing Individually Requested Essential and Voluntary Claims|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing Individually Requested Essential and Voluntary Claims - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Providing Individually Requested Essential and Voluntary Claims | Exchange using claims Request with Essential name and Voluntary email and picture Claims | Specific essential claims returned and available voluntary claims returned and no others, or error returned if all essential claims not available | Fails |
Tests
OC5:FeatureTest-Providing Individually Requested Essential and Voluntary Claims
Feature-Providing ID Token with Essential auth_time Claim
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing ID Token with Essential auth_time Claim|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing ID Token with Essential auth_time Claim - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Providing ID Token with Essential auth_time Claim | Exchange using claims Request with Essential auth_time Claim for ID Token | Works | Fails |
Tests
OC5:FeatureTest-Providing ID Token with Essential auth_time Claim
Feature-Providing ID Token with Essential acr Claim
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing ID Token with Essential acr Claim|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing ID Token with Essential acr Claim - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Providing ID Token with Essential acr Claim | Exchange requesting two acr claim values for ID Token returning one or an error | Returns one of available requested acr claim values if supported or else an error | Fails |
Tests
OC5:FeatureTest-Providing ID Token with Essential acr Claim
Feature-Providing ID Token with Voluntary acr Claim
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Providing ID Token with Voluntary acr Claim|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Providing ID Token with Voluntary acr Claim - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Providing ID Token with Voluntary acr Claim | Exchange requesting two specific voluntary acr claim values for ID Token returning one or zero | Returns one of available requested acr claim values if supported or else none | Fails |
Tests
OC5:FeatureTest-Providing ID Token with Voluntary acr Claim
Feature-Support Request for acr Value of 1
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support Request for acr Value of 1|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support Request for acr Value of 1 - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Support Request for acr Value of 1 | Exchange requesting essential acr claim value of 1 in ID Token
Returns ID Token with acr value of 1 Other behaviors |
Enter the unacceptable result | |
Tests
OC5:FeatureTest-Support Request for acr Value of 1
Feature-Logout Initiated by OP
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Logout Initiated by OP|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Logout Initiated by OP - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Logout Initiated by OP | OP notifies RPs of logout state change | RPs notified of logout | RPs not notified |
Tests
OC5:FeatureTest-Logout Initiated by OP
Feature-Logout Received by OP
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Logout Received by OP|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Logout Received by OP - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Logout Received by OP | RP notifies OP of logout request | OP performs logout actions | Logout actions not performed |
Tests
OC5:FeatureTest-Logout Received by OP
Feature-State Change Other than Logout Communicated
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:State Change Other than Logout Communicated|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP State Change Other than Logout Communicated - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| State Change Other than Logout Communicated | OP notifies RPs of switch user or reauthorization state change | RPs notified of state change | RPs not notified |
Tests
OC5:FeatureTest-State Change Other than Logout Communicated
Feature-Can Provide Signed UserInfo Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Provide Signed UserInfo Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Can Provide Signed UserInfo Response - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Provide Signed UserInfo Response | Accept registration for signed UserInfo responses using RS256 and send them | Accepts registration for signed UserInfo responses and sends them | Registration not accepted or UserInfo response not signed |
Tests
OC5:FeatureTest-Can Provide Signed UserInfo Response
Feature-Can Provide Encrypted UserInfo Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Provide Encrypted UserInfo Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Can Provide Encrypted UserInfo Response - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Provide Encrypted UserInfo Response | Accept registration for encrypted UserInfo responses using RSA1_5 and A128CBC-HS256 and send them | Accepts registration for encrypted UserInfo responses and sends them | Registration not accepted or UserInfo response not encrypted |
Tests
OC5:FeatureTest-Can Provide Encrypted UserInfo Response
Feature-Can Provide Signed and Encrypted UserInfo Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Provide Signed and Encrypted UserInfo Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Can Provide Signed and Encrypted UserInfo Response - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Provide Signed and Encrypted UserInfo Response | Accept registration for signed and encrypted UserInfo responses using RS256, RSA1_5, and A128CBC-HS256 and send them | Accepts registration for signed and encrypted UserInfo responses and sends them | Registration not accepted or UserInfo response not signed and encrypted |
Tests
OC5:FeatureTest-Can Provide Signed and Encrypted UserInfo Response
Feature-Can Provide Encrypted ID Token Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Provide Encrypted ID Token Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Can Provide Encrypted ID Token Response - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Provide Encrypted ID Token Response | Accept registration for encrypted ID Token responses using RSA1_5 and A128CBC-HS256 and send them | Accepts registration for encrypted ID Token responses and sends them | Registration not accepted or ID Token response not encrypted |
Tests
OC5:FeatureTest-Can Provide Encrypted ID Token Response
Feature-Can Provide Signed and Encrypted ID Token Response
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Provide Signed and Encrypted ID Token Response|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Can Provide Signed and Encrypted ID Token Response - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Can Provide Signed and Encrypted ID Token Response | Accept registration for signed and encrypted ID Token responses using RS256, RSA1_5, and A128CBC-HS256 and send them | Accepts registration for signed and encrypted ID Token responses and sends them | Registration not accepted or ID Token response not signed and encrypted |
Tests
OC5:FeatureTest-Can Provide Signed and Encrypted ID Token Response
Feature-Rejects Second Use of Access Code
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Rejects Second Use of Access Code|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Rejects Second Use of Access Code - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Rejects Second Use of Access Code | OP receives request to use access code for a second time | Error returned | Request succeeds |
Tests
OC5:FeatureTest-Rejects Second Use of Access Code
Feature-Second Use of Access Code Revokes Previously Issued Access Token
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Second Use of Access Code Revokes Previously Issued Access Token|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Second Use of Access Code Revokes Previously Issued Access Token - Maturity: Established {{#if: OC4 | (OC4 ) }} | |||
|---|---|---|---|
| Second Use of Access Code Revokes Previously Issued Access Token | OP receives request to use access code for a second time | Access token revoked | Access token continues to work |
Tests
OC5:FeatureTest-Second Use of Access Code Revokes Previously Issued Access Token
Feature-Can Request OP Initiated Login
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Request OP Initiated Login|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Can Request OP Initiated Login - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Can Request OP Initiated Login | Send OP-initiated login request to the RP | RP logged in at OP | RP not logged in at OP |
Tests
OC5:FeatureTest-Can Request OP Initiated Login
Feature-Support form_post Response Mode
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support form_post Response Mode|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support form_post Response Mode - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Support form_post Response Mode | Receive request using response_type=id_token token and response_mode=form_post | Response sent as HTML form post resulting in query encoded parameters | Fails. One form of failure is returning fragment encoded parameters. |
Tests
OC5:FeatureTest-Support form_post Response Mode
Feature-Uses Keys Registered with jwks_uri Value
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Uses Keys Registered with jwks_uri Value|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Uses Keys Registered with jwks_uri Value - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Uses Keys Registered with jwks_uri Value | OP uses keys obtained from jwks_uri registration parameter | Works | Fails |
Tests
OC5:FeatureTest-Uses Keys Registered with jwks_uri Value
Feature-Uses Keys Registered with jwks Value
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Uses Keys Registered with jwks Value|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Uses Keys Registered with jwks Value - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Uses Keys Registered with jwks Value | OP uses keys obtained from jwks registration parameter | Works | Fails |
Tests
OC5:FeatureTest-Uses Keys Registered with jwks Value
Feature-Can Rollover OP Signing Key
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Rollover OP Signing Key|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Can Rollover OP Signing Key - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Can Rollover OP Signing Key | OP rolls over signing key at its jwks_uri location after use by RP | RP successfully uses old then new key | Fails |
Tests
OC5:FeatureTest-Can Rollover OP Signing Key
Feature-Support RP Signing Key Rollover
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support RP Signing Key Rollover|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support RP Signing Key Rollover - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Support RP Signing Key Rollover | RP rolls over signing key at its jwks_uri location after use by OP | OP successfully uses old then new key | Fails |
Tests
OC5:FeatureTest-Support RP Signing Key Rollover
Feature-Support RP Encryption Key Rollover
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Support RP Encryption Key Rollover|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Support RP Encryption Key Rollover - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Support RP Encryption Key Rollover | RP rolls over encryption key at its jwks_uri location after use by OP | OP successfully uses old then new key | Fails |
Tests
OC5:FeatureTest-Support RP Encryption Key Rollover
Feature-Can Rollover OP Encryption Key
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Can Rollover OP Encryption Key|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Can Rollover OP Encryption Key - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Can Rollover OP Encryption Key | OP rolls over encryption key at its jwks_uri location after use by RP | RP successfully uses old then new key | Fails |
Tests
OC5:FeatureTest-Can Rollover OP Encryption Key
Feature-Discovered issuer Matches openid-configuration Path Prefix
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Discovered issuer Matches openid-configuration Path Prefix|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Discovered issuer Matches openid-configuration Path Prefix - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Discovered issuer Matches openid-configuration Path Prefix | Retrieve openid-configuration information for OP from its .well-known/openid-configuration path | Concatenating .well-known/openid-configuration to retrieved issuer matches openid-configuration path | Paths differ |
Tests
OC5:FeatureTest-Discovered issuer Matches openid-configuration Path Prefix
Feature-Discovered issuer Matches ID Token iss Value
{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|OP Features}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:Discovered issuer Matches ID Token iss Value|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||
| {{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} | {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}} list help [[Special:Call/DT Article copy,cat=Feature,from={{#var:page}},namespace=OC5|copy]] [[Special:Call/DT Articles list XML,type=Feature,title={{#var:page}},namespace=OC5|as XML]] edit |
| OP Discovered issuer Matches ID Token iss Value - Maturity: New {{#if: OC5 | (OC5 ) }} | |||
|---|---|---|---|
| Discovered issuer Matches ID Token iss Value | Obtain ID token and compare iss value to discovered issuer value | The iss and issuer values exactly match | The iss and issuer values differ |
Tests
OC5:FeatureTest-Discovered issuer Matches ID Token iss Value
