OpenBanking-Brasil / specs-seguranca

Documentation of the specifications from the Open Banking Brasil Security WG. The specifications are still in draft version and should not be used for implementation.

CIBA spec needs more detail as to how cnpj / cpf claims are requested by client #286

Closed jogu closed 1 year ago

jogu commented 2 years ago

The BR CIBA spec says:

3. shall support the oidc standard claim "cpf" as defined in clause 5.2.2.2 of [FAPI-BR]
4. shall support the oidc standard claim "cnpj" as defined in clause 5.2.2.3 of [FAPI-BR] if providing access to resources where the resource owner is not a `natural person`

however the underlying CIBA spec provides no mechanism for requesting these claims, as OIDC claims are not directly supported.

https://openbankinguk.github.io/read-write-api-site3/v3.1.10/profiles/read-write-data-api-profile.html#identifying-the-consent-to-be-authorised solves a similar issue of passing the UK intent id by defining a custom member of the CIBA request instead.

pedro-octavio-andrade commented 1 year ago

The inclusion of identity claims will be clarified in the implementation manual.