Examples added to OpenID Connect Token Bound Authentication spec


OpenID Connect Token Bound Authentication 1.0 draft 01 adds examples showing the flows in action. Thanks to Brian Campbell for adding them! This draft also adds a Security Considerations paragraph describing that additional security tokens can also be token bound, including cookies, access tokens, refresh tokens, and authorization codes. This specification is a product of the OpenID Enhanced Authentication Profile (EAP) working group.

The specification is available at http://openid.net/specs/openid-connect-token-bound-authentication-1_0-01.html.