Overview#

Id_token_hint is an OPTIONAL parameter within the Authorization Request that indicates previously issued by the Authorization Server that is being passed as a hint about the End-User's current or past authenticated session with the OAuth Client.

If the End-User identified by the Identity Token is Logged in or is logged in by the request, then the Authorization Server returns a positive response; otherwise, it SHOULD return an error.

When possible, an Id_token_hint SHOULD be present when prompt=none is used and an Invalid_request OAuth Error MAY be returned if it is not; however, the server SHOULD respond successfully when possible, even if it is not present. The Authorization Server need not be listed as an audience of the Identity Token when it is used as an Id_token_hint value.

More Information#

There might be more information for this subject on one of the following:

• Authentication Request
• Authorization Request Parameters
• OAuth Parameters Registry