This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
OpenID Connect MODRNA Authentication Profile 1.0
OpenID Connect MODRNA Authentication Profile 1.0

Version management

Difference between version and

At line 1 added 28 lines
!!! Overview[1]
[{$pagename}] ([MODRNA]) is a profile of the [OpenID Connect Core 1.0] specification that defines common [authentication] [contexts] and further extensions to [OpenID Connect] Core to be used when requesting [authentication] from [Mobile Network Operators].
[{$pagename}] also defines [Mandatory|REQUIRED] to Implement features for [Mobile Network Operators] to assure interoperability of clients across [Mobile Network Operators].
[{$pagename}] defines additional Request parameters in the [Authentication Request].
[{$pagename}] also specifies [Authentication Context Class Reference] values based on the ISO/IEC DIS 29115 [ISO 29115] to be used for the "[acr_values]" request parameter.
[MODRNA] supports all request parameters as specified in [OpenID Connect Core 1.0] section 3.1.2.1 [OpenID.Core] and in addition the following parameters are defined or made [REQUIRED] for clients to send. All additional paramaters are [REQUIRED] for [OpenID Connect Provider] to support.
! [acr_values]
[REQUIRED]. In [OpenID.Core] this parameter is specified as [OPTIONAL]. For MODRNA this parameter is REQUIRED in order to enable the Relying Party to indicate a MODRNA conform authentication request to the [OpenID Connect Provider]. Allowed values are defined [{$pagename}] Section 4.
! [login_hint_token]
[OPTIONAL]. This is a __new parameter__. The [login_hint_token] is used to transport a user identifier from the [Discovery Service|Discovery Mechanism] to the [OpenID Connect Provider] without revealing this identifier to the client. [{$pagename}] Section 6 specifies the structure of this parameter. Protection of the [login_hint_token]'s content is specified in [{$pagename}] Section 6.1.
! [binding_message]
[OPTIONAL]. This is a __new parameter__. An Interlock message to tie the consumption [device|Mobile Device] and the [authentication] device together. How to ensure that the message is actually shown on all relevant devices is out of the scope of this document. Possible values and constraints are specified in [{$pagename}] Section 7. Ways to protect the integrity of the [binding_message] are discussed in [{$pagename}] Section 9.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [openid-connect-modrna-authentication-1_0|https://openid.net/specs/openid-connect-modrna-authentication-1_0-06.html|target='_blank'] - based on information obtained 2017-03-07-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop