8. • Request
attributes
via
the
scope
attribute
(in
the
grant
request)
and
get
them
in
the
ID
Token
• Request
attributes
via
the
claims
attribute
(in
the
grant
request)
and
get
them
in
the
ID
Token
• Request
attributes
from
the
userinfo
endpoint,
passing
the
access
token.
9. OpenID
OpenID
Connect
Authentication
Authentication
+
Access
Delegation
Discovery
based
on
Yadis
Discovery
based
on
WebFinger
Name-‐value
pairs
JSON
Signature
based
DF
JSON
Web
Signature
No
encryption
–
based
on
transport
channel
JSON
Web
Encryption