Technical Summary
The "amr" (Authentication Methods References) claim is defined and
registered in the IANA "JSON Web Token Claims" registry but no
standard Authentication Method Reference values are currently
defined. This specification establishes a registry for
Authentication Method Reference values and defines an initial set of
Authentication Method Reference values.
Working Group Summary
The working group had solid consensus, no issues.
Document Quality
A number of implementations exist and include:
Implementations of the OpenID Mobile Authentication Profile,
which is defined by the MODRNA working group, use “amr” values.
This includes all the GSMA Mobile Connect deployments.
Microsoft Azure Active Directory and Microsoft Active Directory
Federation Services (ADFS) use “amr” values.
Google’s identity provider uses “amr” values.
There is one downref noted in the shepherd report and last call announcement:
The following document is a non-IETF document that may require a downward
reference:
[OpenID.Core]
Sakimura, N., Bradley, J., Jones, M., de Medeiros, B., and
C. Mortimore, "OpenID Connect Core 1.0", November 2014,
<http://openid.net/specs/openid-connect-core-1_0.html>.
Personnel
Hannes Tschofenig is the document shepherd and the responsible area
director is Kathleen Moriarty.
If the document requires IANA
experts(s), insert 'The IANA Expert(s) for the registries
in this document are John Bradley, Brian Campbell,
Michael B. Jones, and Chuck Mortimore. The DEs match
that of the IANA "JSON Web Token Claims" registry
[IANA.JWT.Claims]
IANA Note
The document creates a new registry for Authentication Method Reference
(AMR) values and populates the registry with an initial set of values.
Values are registered on an Expert Review [RFC5226] basis after a
three-week review period on the jwt-reg-review@ietf.org mailing list,
on the advice of one or more Designated Experts.