Hello I am studying OAuth to be able to suggest and champion it to OpenSim community.
I am looking for a way to combine user identities to user groups and using groups as a principals in access lists of resources. In other words the normal user group pattern in distributed identity provider context. One of the requirements is that the use groups should be stored to identity providers storage and that the group should be able to have user identities from different identity providers as members. The resource provider should be able to somehow acquire information whether user is member of any of the groups in the resource access list if direct access rights of the user are not enough to access the resource. Is this already somehow possible with OAuth or on the OAuth roadmap. Are there alternative or additional standards to accomplish this? If not, is this a good feature candidate or could these requirements be solved with different design pattern entirely? regards, Tommi Laukkanen --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---