Clarify Use Cases

[JonasPrimbs]

Hi there,

I did the following steps to address Issue #3.

• Added a Use Cases subsection to the Introduction
• Removed redundancies with Introduction
• Made the Introduction more specific

[EthanHeilman]

@JonasPrimbs Fixed the merge between this PR and the current main. Altered some of the language to bring it more in-line with current state of the spec. Feel free to change back any changes you don't like.

[JonasPrimbs]

@EthanHeilman Looks great. Thanks for merging!

[fkj]

Discussed on the call today.
@JonasPrimbs would you be willing to rework this PR into an appendix explaining in more detail how the use cases would leverage the specification?
It would also be interesting to consider any implementation considerations that are important for your use cases and might need explanation in the main spec.

[JonasPrimbs]

@fkj Yes, I can do it tomorrow

[JonasPrimbs]

@fkj I just updated the draft based on the minutes from 7-May-2026:

• @dickhardt Use cases are now moved to Appendix A.
• I introduced short narratives in the Introduction, referring to them in the appendix.
• I explained the use cases from my OIDC² paper in Appendix A.2.
• I added a requirements subsection that lists the requirements resulting from these different use cases. @gffletch: This also includes the audience claim.

@EthanHeilman I'm not that deep in the component-to-component use case. Maybe you could add the examples and requirements subsection in Appendix A.1.

@dickhardt: I think we should discuss as a group which use cases we want to support with this spec and which ones we don't.
I'm not sure whether the component-to-component use case in Appendix A.1 is something we should support. To me, it looks like OpenSearch confused OIDC with OAuth2. Maybe classic OAuth2 is the better solution here. Probably, I did not fully understand why they sent the ID Token from the UI component to the backend (@EthanHeilman: can you help here?).

[dickhardt]

@JonasPrimbs thanks for the updated text! Not sure if I am misunderstanding the change -- but it looks like you took out the list of use cases we had in the intro to provide context. Am I reading that correctly?

Its not clear to me the value in referencing the The OIDC² proposal in the appendix -- ideally the use case would crisply describe how an implementor would use key binding in ways that are not obvious -- if it is obvious, then its not needed! As I glance over the appendix -- I don't get a sense of what I would do as an implementor in a specific situation.

Unfortunately I missed the call you were on, and you were not in the last WG call. Perhaps it would be more efficient for us to have a 1:1 call?