search

mitreid-connect / OpenID-Connect-Java-Spring-Server

An OpenID Connect reference implementation in Java on the Spring platform.
Other
1.48k stars 765 forks source link

Support for essential claims #980

Open praseodym opened 8 years ago

praseodym commented 8 years ago

The OIDC standard has support for marking claims as 'essential'; we should probably support this.

jricher commented 8 years ago

Agreed, we need deeper processing for the entire incoming claims object as in #473

gazbert commented 7 years ago

I'm willing to help out here if you don't mind me chipping away at a snail's pace - this is all new to me!

Perhaps we could deliver this functionality incrementally? Maybe start by supporting requests for only email scope claims in the id_token response - a bit like the Google Identity Server ID token response: https://developers.google.com/identity/protocols/OpenIDConnect

I've already started to play with the code and am currently returning some custom scoped claims in the ID token response for my use case.