openid / sharedsignals

OpenID Shared Signals Working Group Repository

The Hypothetical Security Event Token of Login #138

Open andrei-galkin opened 5 months ago

andrei-galkin commented 5 months ago

Hi guys, I have checked the RFC and was not able to find any example of login.

Could you help to build any? It would be helpful if you add it into the RFC, I think.

Hypothetical Security Event Token of Login.

    {
      "iss": "https://server.example.com",
      "sub": "248289761001",
      "aud": "s6BhdRkqt3",
      "iat": 1471566154,
      "jti": "bWJq",
      "sid": "08a5019c-17e1-4977-8f42-65a12843ea02",
      "events": {
        "http://schemas.openid.net/event/backchannel-logout": {
          "user": {
            "name": "user@example.com"
          }
        }
      }
    }

timcappalli commented 5 months ago

@andrei-galkin which RFC are you referring to? SSF and SSF events are defined in OpenID specifications which are profiles of various IETF RFCs.

If you're looking for a way to signal a logout event, the CAEP Session Revoked event may work for the use case: https://openid.net/specs/openid-caep-specification-1_0.html#rfc.section.3.1