Hi all, On Tue, Apr 20, 2010 at 6:05 PM, Eve Maler <e...@xmlgrrl.com> wrote:
> It seems like this proposal "goes there" in terms of getting as expressive > as Eran fears, though the addition of the wildcard takes away a good deal of > the pain depending on the particular interface at the endpoint(s). Is there > any wider interest in "going there"? > Yes. A couple months ago Iron Money implemented a permissions system[1] that includes read_permissions and write_permissions as parameters when getting a request token. Those two parameters take a comma-separated list of pre-defined resource values (such as "write_permissions=accounts" for read and write permissions for the /accounts/ resource). If what is specified by OAuth 2.0 doesn’t meet Iron Money’s needs, that’s fine, but I wanted to raise my hand high as one of the people interested in a high level of expressiveness. -Chasen [1] https://ironmoney.com/api/permissions/
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth