[mitreid-connect] Creation of the ID token using the user name only.

Justin Richer jricher at mit.edu
Thu Sep 1 10:15:41 EDT 2016


No, this is not an ID token anymore. Why dio you need a token like that anyway? 
Sounds like you're doing a back end access on behalf of a user without involving the user. This is usually a dangerous pattern, and most of the time the normal authorization code flow is preferred. 


--Justin
 Sent from my phone
-------- Original message --------From: Michael Furman <michael_furman at hotmail.com> Date: 9/1/16  4:57 PM  (GMT+02:00) To: mitreid-connect at mit.edu Subject: [mitreid-connect] Creation of the ID token using the user name only. 




Hi all,
Is it possible to create the ID token using the user name only?
I need to access from one application to another using the REST API while I have in my hand only the user name.
 
Both applications trust each other and therefore I do not need to authenticate a user.
(In addition I can not authenticate a user since I do not have a user password).
How is possible to do it using mitreid-connect?
Thank you in advance for your help.
Best regards,
   Michael





-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/mitreid-connect/attachments/20160901/cd60b778/attachment.html


More information about the mitreid-connect mailing list