diff options
| -rw-r--r-- | share/man/ENVOY.md | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/share/man/ENVOY.md b/share/man/ENVOY.md index 0ea852c..7ad8b64 100644 --- a/share/man/ENVOY.md +++ b/share/man/ENVOY.md @@ -495,12 +495,10 @@ Provider, OIDC Relaying Party) depends on an exchange of public key information ahead of time (AoT). Without this pre-prequisite, none of the downstream assumptions about user authentication is valid. -The `id_token` in the OpenID Connect (OIDC) workflow represents the authentication context. -This _DOES NOT_ represent an authorization context. - -OpenID Core specification describes the `id_token` as a JWT and the JWT +The OpenID Core specification describes the `id_token` as a JWT and the JWT specification describes a set of standard claims that are found in the -JWT body. +JWT body. The `id_token` in the OpenID Connect (OIDC) workflow represents the authentication context. +This _DOES NOT_ represent an authorization context. ### Authorization |