Menu
▾
▴
Re: [Unity-idm-discuss] Claims in id token
|
From: Sander A. <sa....@fz...> - 2022-03-08 06:20:07
|
Good morning Krzysztof, sorry for the delay. I had this still on my agenda. I think this would work, too. I fully understand that the request of individuell claims is a lot of work with very few usage. Cheers, Sander On Mon, 2022-03-07 at 15:31 +0100, Krzysztof Benedyczak wrote: > hi, > > W dniu 01.03.2022 o 17:06, Krzysztof Benedyczak pisze: > > Hi, > > > > W dniu 01.03.2022 o 09:46, Sander Apweiler pisze: > > > Good morning, > > > > > > a short addition. It is not only the oidc-agent witch has a > > > problem > > > with the token size. EUDAT B2SAFE has it as well because they use > > > the > > > token as password in iRODS and this has also limitations in size. > > > > > > And yes the most problems for switching the scopes would be for > > > the > > > users of the oidc-agent. Because all other set them once. > > > > So maybe after all a proprietary request flag saying "add all > > claims > > to JWT AT"? Proprietary, but also dead simple and addressing your > > use > > cases in a direct way. > > Sander, any opinions here? > > Wrt to Marcus proposal, the name of the parameter can be "scopes_at" > (or > alike). > > That said I'm very doubtful whether this should go inside the > 'claims' > request parameter. Which as spec says is to request individual claims > and would be counter intuitive to use it for specifying which scopes > should go to AT (and we would need to support the base spec, which is > kinda "ton of work and no one will use it"). > > Best, > Krzysztof > -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
