[keycloak-dev] User ids and usernames

Bill Burke bburke at redhat.com
Fri Feb 7 08:57:56 EST 2014



On 2/7/2014 3:20 AM, Stian Thorgersen wrote:
>
>
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: "Stian Thorgersen" <stian at redhat.com>
>> Cc: keycloak-dev at lists.jboss.org
>> Sent: Friday, 7 February, 2014 3:37:39 AM
>> Subject: Re: [keycloak-dev] User ids and usernames
>>
>>
>>
>> On 2/6/2014 11:05 AM, Stian Thorgersen wrote:
>>>> Yeah, but wanting to know username, first, last, and/or email is just so
>>>> common it should be optimized.
>>>
>>> Have you read OpenID Connect spec yet? Is there anything like that in
>>> there?
>>>
>>
>> I read a little bit more...and of course... it's in there :)  Somebody
>> must be actually using this spec for real apps instead of just writing
>> it. ;)
>>
>> A "Successful Token Response" contains the access token, expiration, and
>> the ID Token.
>>
>> ID token can have a bunch of useful shit in it.
>>
>> http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
>>
>> I claim OpenID work :)  I'll do it after Alpha 2.
>
> Cool, it'll be nice to have it in :)
>
> How about refresh tokens? and implicit flow?

We have to support implicit flow?  I thought that was a huge security hole?

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com