The client_id value and the access token value are independent.
-- Mike
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Lewis
Adam-CAL022
Sent: Monday, February 18, 2013 2:50 PM
To: oauth@ietf.org WG
Subject: [OAUTH-WG] JWT grant_type and client_id
Is there any guidance on the usage of client_id when using the JWT assertion
profile as a grant type? draft-ietf-oauth-jwt-bearer-04 makes no mention so I
assume that it is not required ... but it would be necessary if using in
conjunction with a HOK profile where the JWT assertion is issued to - and may
only be used by - the intended client. Obviously this is straight forward
enough, really I'm just looking to be sure that I'm not missing anything.
tx
adam
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
