<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview[1]
[{$pagename}] ([MODRNA]) is a profile of the [OpenID Connect Core 1.0] specification that defines common [authentication] [contexts] and further extensions to [OpenID Connect] Core to be used when requesting [authentication] from [Mobile Network Operators]. 

[{$pagename}] also defines [Mandatory|REQUIRED] to Implement features for [Mobile Network Operators] to assure interoperability of clients across [Mobile Network Operators].

[{$pagename}] defines additional Request parameters in the [Authentication Request]. 

[{$pagename}] also specifies [Authentication Context Class Reference] values based on the ISO/IEC DIS 29115 [ISO 29115] to be used for the &quot;[acr_values]&quot; request parameter.

[MODRNA] supports all request parameters as specified in [OpenID Connect Core 1.0] section 3.1.2.1 [OpenID.Core] and in addition the following parameters are defined or made [REQUIRED] for clients to send. All additional paramaters are [REQUIRED] for [OpenID Connect Provider] to support.

! [acr_values]
[REQUIRED]. In [OpenID.Core] this parameter is specified as [OPTIONAL]. For MODRNA this parameter is REQUIRED in order to enable the Relying Party to indicate a MODRNA conform authentication request to the [OpenID Connect Provider]. Allowed values are defined [{$pagename}] Section 4.

! [login_hint_token]
[OPTIONAL]. This is a __new parameter__. The [login_hint_token] is used to transport a user identifier from the [Discovery Service|Discovery Mechanism] to the [OpenID Connect Provider] without revealing this identifier to the client. [{$pagename}] Section 6 specifies the structure of this parameter. Protection of the [login_hint_token]'s content is specified in [{$pagename}] Section 6.1.

! [binding_message]
[OPTIONAL]. This is a __new parameter__. An Interlock message to tie the consumption [device|Mobile Device] and the [authentication] device together. How to ensure that the message is actually shown on all relevant devices is out of the scope of this document. Possible values and constraints are specified in [{$pagename}] Section 7. Ways to protect the integrity of the [binding_message] are discussed in [{$pagename}] Section 9.




!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [openid-connect-modrna-authentication-1_0|https://openid.net/specs/openid-connect-modrna-authentication-1_0-06.html|target='_blank'] - based on information obtained 2017-03-07- 
</pre>