Class: OpenIDConnectAuthenticationRequestClass
An Authentication Request compliant with OpenID Connect 2.0 section 3.1.2.1 with any extensions supported by GOV.UK One Login.
JSON schema: OpenIDConnectAuthenticationRequest.json
URI: di_vocab:OpenIDConnectAuthenticationRequestClass
Parents
Attributes
Own
- vtr 0..*
- Description: The Vector of Trust request. If not specified the default value
Cl.Cmis used. Further information can be found in Vectors of Trust RFC - Range: String
- Description: The Vector of Trust request. If not specified the default value
- prompt 0..1
- Description: Use the value
loginto force a user to authenticate again even if they have an existing session. If this is not set a user will authenticate silently if they have an existing session. - Range: String
- Description: Use the value
- claims 0..1
- Description: The claims. This value will detail what additional claims, if any, are required from the /userinfo endpoint after a successful authentication request. This value should be URL-encoded JSON.
- Range: String
- scope 1..1
- Description: The scope. A space-separated list of scopes which must include the
openidvalue. Other options areemail,phoneandoffline_access(returns a refresh token). Other custom scopes are available for internal requests. - Range: String
- Description: The scope. A space-separated list of scopes which must include the
Inherited from AuthorizationRequestClass:
- iss 0..1
- Description: The
iss(issuer) claim identifies the principal that issued the JWT. - Range: Uri
- Description: The
- sub 0..1
- Description: The
sub(subject) claim identifies the principal that is the subject of the JWT. - Range: Uri
- Description: The
- nbf 0..1
- Description: The
nbf(not before) claim identifies the time the JWT is valid from. - Range: Integer
- Description: The
- exp 0..1
- Description: The
exp(expiration time) claim identifies the time the JWT expires. - Range: Integer
- Description: The
- aud 0..1
- Description: The
aud(audience) claim identifies the recipients that the JWT is intended for. - Range: Uri
- Description: The
- iat 0..1
- Description: The
iat(issued at) claim identifies the time at which the JWT was issued. - Range: Integer
- Description: The
- jti 0..1
- Description: The
jti(JWT ID) claim identifies the unique identifier of the JWT. - Range: Uri
- Description: The
- response_type 1..1
- Description: The response type. This value currently needs to be set to the value
code. - Range: String
- Description: The response type. This value currently needs to be set to the value
- client_id 1..1
- Description: The client id. This value is the client id the Relying Party service was provided with for identification upon registration. Internal system requests will use an internal client id.
- Range: StringOrURI
- state 1..1
- Description: The state. This value is used to validate the response sent to the redirect URI. This value will be returned to the client in the authentication response.
- Range: String
- redirect_uri 1..1
- Description: The redirect uri. This value must exactly match one of the redirect uris registered by the Relying Party service and must be URL-encoded.
- Range: Uri
- nonce 1..1
- Description: The nonce. A random value provided from the ID token to verify the integrity of the ID token.
- Range: String
Other properties
| See also: | ../json-schemas/OpenIDConnectAuthenticationRequest.json |