OpenID Vocabulary Extension for OTTO
This specification defines terms to enable OTTO federations to facilitate the collaboration of Participants deploying OpenID Connect services.
The Open Trust Taxonomy for Federation Operators ("OTTO") defines an extension mechanism to allow the community to add functionality in a community compatible way. This specification was developed to enable OTTO federations to support OpenID Connect based identity services, and defines all the terms defined in the JSON-LD context file which the extension covers.
1.1 Notational Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
Unless otherwise noted, all protocol properties and values are case sensitive.
Table 1: OpenID Provider
|configuration_endpoint||URI||URL for .well-known/openid-configuration|
|metadataStatement||MetadataStatement or array of MetadataStatement||Claims about this OP signed by the federation|
|signingKey||Text||Public part of the OP's signing key|
|signed_jwks_uri||URL||URL for the OP configuration data|
Table 2: OpenID Relying Party
|metadataStatement||MetadataStatement or array of MetadataStatement||Signed JWT issued by Federation|
Table 3: User Claim
|additionalType||URL||More specific type for the claim|
|oid||Text||IANA object identifier for the attribute|
|associatedScope||Scope or array of Scope||This release of this claim is authorized by allowing the respective scope(s)|
Table 4: Scope
|userClaim||UserClaim or array of UserClaim||Claims released by authorizing this scope|
Table 6: Categories
|UserClaim||SchemaCategory||Piece of information about a person|
|Scope||SchemaCategory||Authorization to access information about a person|
|Acr||SchemaCategory||A workflow for authentication|
|OpenID||MetadataCategory||Facilitates search of metadata for a federation|
|OP||EntityCategory||Identifies entity as an OpenID Provider|
|RP||EntityCategory||Identifies entity as an OpenID Relying Party|
The following people made significant text contributions to the specification:
- Manu Sporny, Digital Bazaar
Additional contributors to this specification include the Kantara OTTO Work Group participants, a list of whom can be found at [OttoWgParticipants].
4.1 Normative References
4.2 Informative References