-
-
Notifications
You must be signed in to change notification settings - Fork 521
Labels
role:authorization_serverConcerns a server implementationConcerns a server implementation
Description
I've succesfully implemented an OAuth2/OIDC provider using authlib. But now stumbled upon a issue where a clients is not able to actually use the id_token (in addition to the access token, it can only use one token at a time). This shouldn't be an issue, as there's always the userinfo endpoint that can be read using the access token (or so I tought). I looked into adding the userinfo endpoint, but cannot find a implementation in authlib.
Describe the solution you'd like
I'd like there to be a (reference) implementation of the userinfo endpoint as described in section 5.3 of the OpenID Connect Core 1.0 spec.
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
role:authorization_serverConcerns a server implementationConcerns a server implementation