OIDC dynamic registration and requested scopes
cantor.2 at osu.edu
Wed Apr 29 19:06:33 EDT 2020
On 4/29/20, 6:49 PM, "users on behalf of Wessel, Keith" <users-bounces at shibboleth.net on behalf of kwessel at illinois.edu> wrote:
> Can anyone give me a clue why this might be happening or where I should look next?
The code comment says:
//TODO: Nimbus seems to be interpreting scope in different way as many RPs, currently the scope
//is removed in this phase, better solution TODO.
So that's "why" if not an answer.
Presuming that it's an optional field I would have advised rejecting the request rather than ignoring the field, unless it's explicitly defined to be advisory in the specification.
More information about the users