Unclear portion of openIdConnectUrl for openIdConnect securitySchema

[shiup]

https://spec.openapis.org/oas/v3.1.0

Security Scheme Object
Defines a security scheme that can be used by the operations. Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), OAuth2's common flows (implicit, password, client credentials and authorization code) as defined in [RFC6749](https://tools.ietf.org/html/rfc6749), and [OpenID Connect Discovery](https://tools.ietf.org/html/draft-ietf-oauth-discovery-06).

the link above points to oauth discovery.

Does it apply to the openIdConnectUrl for openIdConnect securitySchema ? Should the openIdConnectUrl be driven by https://openid.net/specs/openid-connect-discovery-1_0.html ?

Please help clarify, thanks

[handrews]

This just seems like a bug where the link is wrong. If the link for openIdConnect did not point to OAuth would this otherwise be clear?

[AxelNennker]

I think the link should be replaced

Security Scheme Object
Defines a security scheme that can be used by the operations. Supported schemes are HTTP authentication, an API key (either as a header, a cookie parameter or as a query parameter), OAuth2's common flows (implicit, password, client credentials and authorization code) as defined in [RFC6749](https://tools.ietf.org/html/rfc6749), and [OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html).

[handrews]

@AxelNennker if you'd like to submit a PR that would be welcome! It would need to start on the v3.0.4-dev branch, on the versions/3.0.4.md file. Then it will get propagated to 3.1.1 and 3.2.0.

[handrews]

I think the only thing left to do here is to forward-port the change to v3.1.1 and v3.2.0, correct?

[AxelNennker]

Yes

[handrews]

@AxelNennker @shilpa-padgaonkar: In 3.1.1 it looks like the draft IETF RFC you replaced was already replaced by RFC 8414. Is it still appropriate to replace 8414 with what you did in 3.0.4? (I'm guessing yes, but I was just going to blind-port the commit and don't have the slightest clue how any of this stuff works or time to learn it right now)