NIEF TPAT | TD: OpenID Connect RP Requirements

OpenID Connect RP Requirements - User Interface, v1.0

The user interface requirements when implementing an OpenId Relying Party.

Assessment Steps (3)

1 OIDC Link (OIDCLink) Does the system provide a link that the user can select to initiate an OIDC transaction? Artifact URL of Page with OIDC Link Provide the URL of the system's website page that includes an OIDC link, or provide a screenshot of the page.
2 Discovery (Discovery) Does the system provide a mechanism for handling OP discovery? Artifact Discovery Details Provide screenshots and/or an explanation of how the system supports OP discovery (e.g., local mechanism, centralized service, dynamic/automatic discovery, etc.)
3 Authn Request (AuthnRequest) Upon selection of an OP from the OIDC login page, does the system initiate an OIDC authentication request to the selected OP? Artifact OIDC Authentication Request Artifact Provide a header trace including the OIDC authentication request generated by the system.

Conformance Criteria (3)

OIDC Link Provided The system MUST provide a link or other mechanism that a user can select to initiate an OIDC transaction. Citation NIEF Discussion/Review
Discovery Supported The system MUST provide a mechanism through which it can discover the user's OpenID Provider (OP) system. Citation NIEF Discussion/Review
SSO Initiated Upon user selection of an OP, the system MUST generate an OIDC Authentication Request and send it to the selected OP. Citation NIEF Discussion/Review

Show Metadata, Sources & Terms

Hide Metadata, Sources & Terms

Metadata

Identifier

https://trustmark.nief.org/tpat/tds/icam-oidc-rp-ui/1.0/

Publication Date

2021-06-25

Issuing Organization

NIEF (https://nief.org/) View Contact

NIEF Support

help@nief.org

No telephone

No Mailing Address

Keywords

NIEF, Federated ICAM, OpenID Connect, OIDC, Relying Party, RP, Client, User Interface, UI

Issuance Criteria

yes(all)

Legal Notice

This artifact is published by the National Identity Exchange Federation (NIEF). This artifact and the information contained herein is provided on an "AS IS" basis, and NIEF disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, NIEF disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Sources (1)

NIEF	NIEF Technical Guidance

Terms (6)

Term Name	Abbreviations	Definition
Client		A system or software entity that communicates with with a server. Within OpenID Connect (and the related Oauth 2.0 framework on which OpenID Connect is built), client is an alternate term for a relying party.
Federated Identity, Credential, and Access Management	Federated ICAM	Refers to a comprehensive approach for dealing with digital identities (and associated attributes), credentials, and access control within a federated environment (across jurisdictional boundaries).
National Identity Exchange Federation	NIEF	National law enforcement and public safety information sharing trust framework.
OpenID Connect	OIDC	A set of JavaScript Object Notation (JSON) data structures and messaging protocols designed to enable single sign-on between system entities.
Relying Party	RP	Alternate term for a service provider.
User Interface	UI	The means by which the user and a computer system interact, in particular through the use of input devices and software.

Also available as XML or JSON