Revision as of 14:31, 2 March 2021 by Tom (Created page with "==Full Title or Meme== Wherever a Relying Party or Verifier wants to get information about the provider of an Assertion they can user Provider Discovery. ==Con...")
Full Title or Meme
- OpenID Connect Federation 1.0 - draft 10
The OpenID Connect standard specifies how a Relying Party (RP) can discover metadata about an OpenID Provider (OP), and then register to obtain RP credentials. The Provider Discovery and registration process does not involve any mechanisms of dynamically establishing trust in the exchanged information, but instead rely on out-of-band trust establishment. In an identity federation context, this is not sufficient. The participants of the federation must be able to trust information provided about other participants in the federation. OpenID Connect Federations specifies how trust can be dynamically obtained by resolving trust from a common trusted third party.