Skip to content

SL1 - how to let IdP dictate RP session lifetime in OpenID Connect #60

@aaronpk

Description

@aaronpk

SAML defines the SessionNotOnOrAfter claim to give the IdP a way to tell the RP how long to set the session as a timestamp. There is no equivalent claim currently defined in OpenID Connect.

We should decide whether to define this as an OpenID Connect extension in the AB working group, or just define a new ID token claim in IPSIE.

Metadata

Metadata

Assignees

No one assigned

    Labels

    January 2026 InteropExpected to be completed by end of Sept. 2025 for the Jan. 2026 interop.sl1

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions