We use the following notation for a cleared parameter intent. If you have worked on OpenID before, you may be more familiar with the OpenID specific parameter values, so here is an overview:
|URL.IDC||openid.claimed_id||The identity requested by the Client C. In the context of OpenID, the identity is a URL e.g https://me.yahoo.com/a/identityname|
|URL.SP||openid.return_to||The URL of the Service Provider (SP), e.g. https://www.openstreetmap.org/login|
|URL.IdP||openid.op_endpoint||The URL of the Identity Provider (IdP), e.g. https://open.login.yahooapis.com/openid/op/auth|
|α||openid.assoc_handle||The value that identifies the signature verification key stored on the SP as well as on the IdP.|
|σ||openid.sig||This parameter contains the value of the token's signature. In fact, OpenID uses a Hash MAC (and not a signature), but has the OpenID specification uses the term “signature”, this Post will do this as well.|
There are a lot more parameters in OpenID:
- openid.ns defines the used protocol version, e.g.
- openid.response_nonce contains a timestamp suffixed with a
- openid.signed holds the parameter names that are signed, e.g.
- openid.ax.*, openid.sreg.* are extension parameters that can
be used to transfer additional information, e.g. an email address or