urn:coreone:authentication:qoa:user:max / urn:coreone:authentication:loa:user:max
- Silvan Grüter
- Andreas Marinello
- Witold Wabik
- Former user (Deleted)
Owned by Silvan Grüter
[ 1 Introduction ]
Introduction
Some applications including the CoreOne Self-Service Portal have the requirement to let the user log in again (also known as re-authentication) for certain actions. For this login, however, the QoA of the current application should not be used, but the highest authentication level that the user has set up. For example, a simple user name and password authentication can be configured for the CoreOne Self-Service Portal, but it should go through the highest LoA set up to change its personal data. This can be achieved by means of a special LoA that is available as standard:
https://server.example.com/connect/authorize?
response_type=code
&scope=openid%20profile%20email
&client_id=s6BhdRkqt3
&state=af0ifjsldkj
&redirect_uri=https%3A%2F%2Fclient.example.org%2Fc
&acr_values=urn%3Acoreone%3Aauthentication%3Aqoa%3Auser%3Amax [which is url-encoded urn:coreone:authentication:qoa:user:max]© ITSENSE AG. Alle Rechte vorbehalten. ITSENSE und CoreOne sind eingetragene Marken der ITSENSE AG.