The Hypothetical Security Event Token of Login

[andrei-galkin]

Hi guys,
I have checked the RFC and was not able to find any example of login.

Could you help to build any? It would be helpful if you add it into the RFC, I think.

Hypothetical Security Event Token of Login.

 {
     "iss": "https://server.example.com",
     "sub": "248289761001",
     "aud": "s6BhdRkqt3",
     "iat": 1471566154,
     "jti": "bWJq",
     "sid": "08a5019c-17e1-4977-8f42-65a12843ea02",
     "events": {
       "http://schemas.openid.net/event/backchannel-logout": {
       “user” : {
          “name”: “user@example.com”
        }
       }
     }
   }

[timcappalli]

@andrei-galkin which RFC are you referring to? SSF and SSF events are defined in OpenID specifications which are profiles of various IETF RFCs.

If you're looking for a way to signal a logout event, the CAEP Session Revoked event may work for the use case: https://openid.net/specs/openid-caep-specification-1_0.html#rfc.section.3.1