Closed atalis closed 7 years ago
https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
issuer property is REQUIRED for the discovery document, and it's necessary to have the expected issuer identifier for ID Token validation defined in http://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation
According to the specifications (https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery) the "issuer" parameter is OPTIONAL. But because of #39 it is now required. What was a rational for this? We have no use for this parameter, and I don't even know what to put in.