AppAuth-Android icon indicating copy to clipboard operation
AppAuth-Android copied to clipboard
verified publisher icon openid

Support "max_age" OpenID Connect auth request parameter

Open iainmcgin opened this issue 9 years ago • 1 comments

OpenID Connect Core 1.0, Section 3.1.2.1, max_age parameter:

OPTIONAL. Maximum Authentication Age. Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated by the OP. If the elapsed time is greater than this value, the OP MUST attempt to actively re-authenticate the End-User. (The max_age request parameter corresponds to the OpenID 2.0 PAPE max_auth_age request parameter). When max_age is used, the ID Token returned MUST include an auth_time Claim Value.

iainmcgin avatar Mar 07 '16 01:03 iainmcgin

#invalid possible via additionalParameters as stated out by @Lee-Hounshell-at-MarianaTek

childnode avatar Oct 26 '22 19:10 childnode