#6: Make automated self-registration of unique clients possible
-----------------------------+----------------------------------------------
Reporter: e...@… | Owner:
Type: enhancement | Status: new
Priority: major | Milestone:
Component: authentication | Version:
Severity: - | Keywords:
-----------------------------+----------------------------------------------
There are some cases where subsequent correlation of initially anonymous
clients is desirable (just as there are some cases where humans can self-
choose a username and password at a website). It would be helpful to have
a standard, interoperable "pre-flow" that precedes normal token-getting
flows for issuing a unique client_id and client_secret to walk-up clients.
The alternative is documenting, or letting the client discover, statically
allocated credentials that don't distinguish it from other clients. For at
least the uses to which UMA is putting OAuth, and possibly for others as
well, it would be useful to have enough context to distinguish clients
uniquely outside of the context of the access token it is ultimately
given.
--
Ticket URL: <http://trac.tools.ietf.org/wg/oauth/trac/ticket/6>
oauth <http://tools.ietf.org/oauth/>
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
