By: kesavan dhilip user 09 May 2018 at 9:34 a.m. CDT

1 Response

hi, I don't want my client to override the default acr value. I need that to be integrated because my architecture requires it. Please provide a solution for it, it's very much required for me. I have already raised ticket on this but it was closed. Please refer to the ticket number below. Ticket Id = #5393 thanks Kesavan

Ubuntu 17.1

closed

By Aliaksandr Samuseu staff 09 May 2018 at 10:13 a.m. CDT

Copy

Hi, Kesavan. I believe Michael's answer in the previous ticket was clear enough. Method actually used by OP to authenticate a user is returned in `id_token`, so RP/client can verify it is the one they expect. There is no way to specify list of acceptable methods per client at the moment. Feel free to submit a feature request at Github for it (though no ETA for such things unless it's a request from a customer). Your best solution for now seems to be the one Michael proposed - to use a signed request object, or pass request by reference.

You need to Login in order to post an answer

Two factor authentication - default acr value

By: kesavan dhilip user 09 May 2018 at 9:34 a.m. CDT

Answers

By Aliaksandr Samuseu staff 09 May 2018 at 10:13 a.m. CDT

Post an answer