Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Explainer is vague on how tokenURL works #51

Open
cbiesinger opened this issue Oct 3, 2024 · 2 comments
Open

Explainer is vague on how tokenURL works #51

cbiesinger opened this issue Oct 3, 2024 · 2 comments

Comments

@cbiesinger
Copy link

The explainer talks about a tokenURL that can be provided to fetch a token from the IdP after an account is selected.

But the explainer is vague on exactly how the fetch should be done and what data is provided. Perhaps (?) it should happen in the same way as FedCM Full does it, although there is no mention of an accountId in the proposal, making this harder.

Basically, it would be nice to know if the fetch will happen with GET or POST and with which parameters, if any.
@ekovac
Copy link
Contributor

ekovac commented Oct 3, 2024

Agreed, this needs to be made more explicit. I believe we came to an agreement that, yes, this will use the same behavior as the assertion endpoint from FedCM. #42 (comment)

@cbiesinger
Copy link
Author

That makes sense. I guess someone needs to figure out how to deal with the account_id the assertion endpoint sends right now.

@philsmart philsmart mentioned this issue Oct 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ekovac @cbiesinger