W3C home > Mailing lists > Public > public-solid@w3.org > October 2020

Re: How does the identity provider return two tokens?

From: Aaron Coburn <acoburn@apache.org>
Date: Sun, 11 Oct 2020 10:52:26 -0400
Message-ID: <CAD4uyLfL6RDJBdTD5rXYM5_MGQRMf8fbH5Og9pg=b6YF=6QZDg@mail.gmail.com>
To: divoplade <d@divoplade.fr>
Cc: public-solid <public-solid@w3.org>
Right, of course:

{
  ... ,
  "token_type": "DPoP",
  ...
}



On Sun, 11 Oct 2020 at 10:29, divoplade <d@divoplade.fr> wrote:

> Hello Aaron,
>
> Le dimanche 11 octobre 2020 à 10:02 -0400, Aaron Coburn a écrit :
> > Returning two (or more) tokens is a standard part of OIDC. You can
> > read about it at
> > https://openid.net/specs/openid-connect-core-1_0.html#TokenResponse
>
> Thank you for this pointer. I realize that the response is not provided
> by redirection for the token endpoint, which makes a lot of sense.
>
> > {
> >    "access_token": "<DPoP-bound Access Token as JWT>",
> >    "token_type": "Bearer",
> >    "refresh_token": "<Refresh Token>",
> >    "expires_in": 3600,
> >    "id_token": "<ID Token as JWT>"
> >   }
>
> Should the token_type not be "DPoP" instead of "Bearer", as prescribed
> by DPoP?
>
>
Received on Sunday, 11 October 2020 14:53:04 UTC

This archive was generated by hypermail 2.4.0 : Sunday, 11 October 2020 14:53:05 UTC