From f861e126dd0e831e2448775c634fc215f0166a7e Mon Sep 17 00:00:00 2001 From: jricher Date: Thu, 25 Apr 2013 13:39:17 -0700 Subject: [PATCH] Updated Features (markdown) --- Features.md | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/Features.md b/Features.md index aae5ab7..80f48a4 100644 --- a/Features.md +++ b/Features.md @@ -5,12 +5,12 @@ This page details our compliance level with the OpenID Connect specifications. The following features are fully supported in our current implementation. * Authorization code flow -* Implicit flow (pending an upstream change) +* Implicit flow * UserInfo endpoint * Manual client management through an administrator console * HTTP Basic Auth for client authentication -* SWD discovery endpoint -* XRD discovery endpoint +* Webfinger discovery endpoint +* OpenID Configuration discovery endpoint * JWK public key endpoint * Standard scopes: openid, phone, address, email, profile * Additional arbitrary scopes @@ -18,23 +18,18 @@ The following features are fully supported in our current implementation. * RSA Signing * HMAC Signing * RSA Encryption -* Client filter with static single-server configuration -* Client filter with static multi-server configuration (using our Account Chooser) +* Dynamic registration endpoint +* Client filter +* Client filter dynamic registration +* Account chooser / third party login +* Request Objects (signed) +* Introspection Endpoint +* Revocation Endpoint +* Token chaining ## Currently unsupported / pending implementation / incomplete The following features are not supported yet, but will be at some point. If we have a projected target for a given feature it will be listed here; if there is no projected target, that only means that we haven't set a target yet, not that it won't happen. -* Dynamic Client Registration (Fall FY12) * Session management (FY13) -* X509 (Currently investigating how to publish our public keys as X509 certs) -* Request Object (Signed - in the works / Encrypted) * Request File (Signed / Encrypted) -* Introspection endpoint (stubbed out, pending community standardization) -* Revocation endpoint (somewhat functional) - -## Not targeted - -The following features are things that we are not planning on supporting with our implementation, though we welcome pull requests and patches to incorporate these features: - -* Dynamic client filter configuration (full server discovery)