The client authentication can be used to retrieve a grant previously arranged. While the grant is linked to the client, it is not always about the client's resources. Calling it 'client' implies it is about the client's resources.
EHL On Jul 16, 2010, at 18:19, Brian Eaton <bea...@google.com> wrote: > On Fri, Jul 16, 2010 at 2:25 PM, Eran Hammer-Lahav <e...@hueniverse.com> > wrote: >> External, out-of-band, implicit. >> >> It cannot be client because that is not always the case. > > Can you point to a use case where someone is going to use the client > password flow to authenticate something besides a client? > > Because I'm pretty sure that use case is crazy, and can safely be ignored. _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
