solid-oidc
solid-oidc copied to clipboard
solid
The repository for the Solid OIDC authentication specification.
Use `dfn` and `abbr` where appropriate, e.g., "OP", and in some cases link back to the definition.
This is a proposal to change the `webid` claim to `solid` in access tokens and ID tokens. The background for this is severalfold: 1. The current `webid` claim is very...
When making a request to the token endpoint of an OIDC provider, a client usually authenticates itself. Client authentication methods at the token endpoint are described in the [OpenID spec](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication)...
During AuthZ panel [we discussed some scenarios](https://github.com/solid/authorization-panel/blob/main/meetings/2022-03-02.md#default-client-based-restrictions) where WebID Profile shouldn't disclose some specific OIDC issuers. Those cases relate mostly to cases where certain security domain requires specific OP, but...
We might want to consider integrating this draft recommendation in the solid auth spec: https://openid.net/specs/openid-connect-prompt-create-1_0.html as it would be especially useful for Solid. Traditional OIDC presupposes that a user is...
Capturing from #51 > @elf-pavlik: I think it's worth considering if we should keep the added complexity by having an implicit mechanism. > @RubenVerborgh: A reason for that would be:...
Neither OAuth2.0, nor OpenID Connect (nor, currently, Solid-OIDC), specifies how to let a user/subject add or change claims — and, by extension, their identifying information (e.g. `sub` and `webid` claims)....
## Context For our use case we have a number of server-side applications which need to access resources in Solid Pods using an organisation-level WebID. Before, we used an oAuth...
This comes out of https://github.com/solid/notifications/issues/35 Even if this doesn't affect spec we should probably show how it can be done in the primer. For the End-user it should be transparent...