From f73e5e0b7452ee65eb8af09dd2a083d9a09e71b2 Mon Sep 17 00:00:00 2001 From: Tonkku Date: Tue, 24 Sep 2024 17:51:17 +0300 Subject: [PATCH] Clarify prefix requirement --- proposals/4198-oidc-login-hint.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/4198-oidc-login-hint.md b/proposals/4198-oidc-login-hint.md index 6d288bd83de..7736691bcbe 100644 --- a/proposals/4198-oidc-login-hint.md +++ b/proposals/4198-oidc-login-hint.md @@ -19,7 +19,7 @@ and send the user to the authorization endpoint ([MSC2964]), all in one step. To improve the UX of this flow, the MXID can be sent to the homeserver with the authorization request in the `login_hint`. In order to comply with the OpenID Connect specification, the requested scope must also include the `openid` scope. -The value of `login_hint` should be set to the user's MXID, prefixed with `mxid:` (e.g. `mxid:@example-user:example.com`). +The value of `login_hint` may be set to the user's MXID, and must be prefixed with `mxid:` (e.g. `mxid:@example-user:example.com`). Prefixing the value allows for more hint value types to be added in the future and for easy detection between them. The homeserver can then assist the user to complete the login flow with the correct account.