OIDC dynamic registration policy ID

Wessel, Keith kwessel at illinois.edu
Tue Apr 26 22:36:46 UTC 2022


Been staring at this sentence since Friday hoping to have a lightbulb moment. Since it hasn't come yet, I thought I'd just ask.

The policyId parameter of the OIDC dynamic registration endpoint in 4.2 says its value: "Identifies a metadata policy by means of an identifier that maps back to a matching/named RelyingParty override." That partly makes sense: I can configure a different policy file for the OIDC registration profile in that relying party override. I get stuck on the actual value of the policyId parameter and what it would look like in the RP override. I'm used to relying party overrides by name (with SAML entity IDs or OIDC client IDs as the name) or by metadata group or entity attribute. If I had a policyId=foo, what would that look like in relying-party.xml? Just a relying party by name with a name of "foo"? Do I just put the policy ID where I would normally put an entity ID?

