Merge pull request #50 from solid/webid-link-header

Add support for link header discovery
solid · Oct 11, 2021 · f28cad5 · f28cad5
2 parents d6b8626 + c994849
commit f28cad5
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/index.bs b/index.bs
@@ -407,6 +407,17 @@ This prevents a malicious identity provider from issuing valid Access Tokens for
 Unless the RS acquires IdP keys through some other means, or the RS chooses to reject tokens issued by this IdP,
 the RS MUST follow OpenID Connect Discovery 1.0 [[!OIDC.Discovery]] to find an IdP's signing keys (JWK).
 
+### WebID Issuer Discovery via Link Headers ### {#webid-issuer-discovery}
+
+A server hosting a WebID document MAY transmit the `http://www.w3.org/ns/solid/terms#oidcIssuer` values via Link Headers but it MUST be the same as in the RDF representation. A client MUST treat the RDF in the body of the WebID document as canonical but MAY use the Link Header values as an optimization.
+
+<div class="example">
+    <pre highlight="http">
+        Link: <https://oidc.example>; rel="http://www.w3.org/ns/solid/terms#oidcIssuer"; anchor="#id"
+    </pre>
+</div>
+
+
 # Solid-OIDC Conformance Discovery # {#discovery}
 
 An Identity Provider that conforms to the Solid-OIDC specification MUST advertise this in the OpenID Connect