Think about a distributed setup. You have single Authorization Server and multiple Resource Servers.
Although OAuth nicely decouples AS from RS - AFAIK there is no standard established for communication betweens AS and RS - how to declare metadata between those. Also there can be Resource Servers which support multiple token types. It could vary on APIs hosted in a given RS. Thanks & regards, -Prabath On Mon, Jan 21, 2013 at 10:48 AM, <zhou.suj...@zte.com.cn> wrote: > > The token type shoulbe decided by resource server, which consumes access > token. > Client just re-tell the requested token type to AS. > Client should not specify the token type. > > > oauth-boun...@ietf.org 写于 2013-01-21 13:08:39: > > > > This is true. It's possible for the AS to vary it's behavior on > > scope name, but it's presumed the AS and RS have an agreement of > > what token type is in play. Likely a good extension to the spec. > > > > > From: Prabath Siriwardena <prab...@wso2.com> > > To: "oauth@ietf.org WG" <oauth@ietf.org> > > Sent: Sunday, January 20, 2013 7:28 PM > > Subject: [OAUTH-WG] Client cannot specify the token type it needs > > > > > Although token type is extensible according to the OAuth core > > specification - it is fully governed by the Authorization Server. > > > > There can be a case where a single AS supports multiple token types > > based on client request. > > > > But currently we don't have a way the client can specify (or at > > least suggest) which token type it needs in the OAuth access token > request ? > > > > Is this behavior intentional ? or am I missing something... > > > > Thanks & Regards, > > Prabath > > > > Mobile : +94 71 809 6732 > > > > http://blog.facilelogin.com > > http://RampartFAQ.com > > > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > > > > _______________________________________________ > > OAuth mailing list > > OAuth@ietf.org > > https://www.ietf.org/mailman/listinfo/oauth > -- Thanks & Regards, Prabath Mobile : +94 71 809 6732 http://blog.facilelogin.com http://RampartFAQ.com
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
