[mitreid-connect] Creation of the ID token using the user name only.
Justin Richer
jricher at mit.edu
Thu Sep 1 10:15:41 EDT 2016
No, this is not an ID token anymore. Why dio you need a token like that anyway?
Sounds like you're doing a back end access on behalf of a user without involving the user. This is usually a dangerous pattern, and most of the time the normal authorization code flow is preferred.
--Justin
Sent from my phone
-------- Original message --------From: Michael Furman <michael_furman at hotmail.com> Date: 9/1/16 4:57 PM (GMT+02:00) To: mitreid-connect at mit.edu Subject: [mitreid-connect] Creation of the ID token using the user name only.
Hi all,
Is it possible to create the ID token using the user name only?
I need to access from one application to another using the REST API while I have in my hand only the user name.
Both applications trust each other and therefore I do not need to authenticate a user.
(In addition I can not authenticate a user since I do not have a user password).
How is possible to do it using mitreid-connect?
Thank you in advance for your help.
Best regards,
Michael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20160901/cd60b778/attachment.html
More information about the mitreid-connect
mailing list