solid-oidc
solid-oidc copied to clipboard
solid
The repository for the Solid OIDC authentication specification.
All resources used in the context of Solid Authentication and Authorization MUST use a secure protocol. Namely, a WebID used for Authentication MUST use the https protocol. That is true...
In step 13 of the [Primer](https://solid.github.io/solid-oidc/primer/#request-flow-step-13), the resulting access token is a plain Bearer token. It would be helpful to clarify whether this token may, should or should not be...
Because of its decentralized nature, authentication in Solid relies on the trust between a Client and an Identity Provider (OP). This trust can partially be based on the trust between...
Part of #207 This draft is intended as collaborative scratchpad. We can use inline suggestions to propose and discuss changes. ### TODO * [ ] OP advertises automatic registration *...
In the current specification, the [section on `Link` headers](https://solid.github.io/solid-oidc/#oidc-issuer-discovery-link-headers) says that "a client MUST treat the RDF in the body of the WebID Profile as canonical." Is there a specific...
This issue brings in several related issues, including #199, #95, #202 and #201, reframing the issue as the following: The Solid-OIDC specification currently makes use of globally unique `client_id` values,...
Hi. I have been reading the Solid-OIDC and Solid-OIDC Primer specifications and I don't find any information regarding the `solid:oidcIssuer` information that should be publicly available. I think it would...
I've been reading through some issues and other specifications, and I'm wondering if it would make sense or be possible for us to define some additional fields for the Client...
While tryint to combine Solid-OIDC config with SAI app identity statements in the [JSON-LD Playground](https://json-ld.org/playground), I stumbled upon the following practical annoyance, which I could only circumvent by diverting from...
While experimenting in the [JSON-LD Playground](https://json-ld.org/playground), I stumbled upon the following issue, which I could only solve by diverting from the [mandated JSON-LD context](https://www.w3.org/ns/solid/oidc-context.jsonld). Starting from the [example Client ID...