Hmmm, one more thought ... no scope?? The JWT is the grant, is it assumed that the scope is conveyed as a claim within the token? Otherwise it would seem that it would require a scope.
Thoughts? adam From: Brian Campbell [mailto:bcampb...@pingidentity.com] Sent: Thursday, March 14, 2013 4:44 PM To: Lewis Adam-CAL022 Cc: Mike Jones; "WG <oauth@ietf.org>"@il06exr02.mot.com Subject: Re: [OAUTH-WG] JWT grant_type and client_id Yes, that is correct. I'm working on new revisions of the drafts that will hopefully make that point more clear. On Thu, Mar 14, 2013 at 5:26 PM, Lewis Adam-CAL022 <adam.le...@motorolasolutions.com<mailto:adam.le...@motorolasolutions.com>> wrote: Coming back to this ... am I correct in that client_id is not required? We are implementing this spec and want to make sure that we are doing it right. By my understanding the only two parameters that are required in the JWT grant type are "urn:ietf:params:oauth:grant-type:jwt-bearer" and the assertion. Is this correct? From: Mike Jones [mailto:michael.jo...@microsoft.com<mailto:michael.jo...@microsoft.com>] Sent: Monday, February 18, 2013 6:58 PM To: Lewis Adam-CAL022; oauth@ietf.org<mailto:oauth@ietf.org> WG Subject: RE: JWT grant_type and client_id The client_id value and the access token value are independent. -- Mike From: oauth-boun...@ietf.org<mailto:oauth-boun...@ietf.org> [mailto:oauth-boun...@ietf.org<mailto:oauth-boun...@ietf.org>] On Behalf Of Lewis Adam-CAL022 Sent: Monday, February 18, 2013 2:50 PM To: oauth@ietf.org<mailto:oauth@ietf.org> WG Subject: [OAUTH-WG] JWT grant_type and client_id Is there any guidance on the usage of client_id when using the JWT assertion profile as a grant type? draft-ietf-oauth-jwt-bearer-04 makes no mention so I assume that it is not required ... but it would be necessary if using in conjunction with a HOK profile where the JWT assertion is issued to - and may only be used by - the intended client. Obviously this is straight forward enough, really I'm just looking to be sure that I'm not missing anything. tx adam _______________________________________________ OAuth mailing list OAuth@ietf.org<mailto:OAuth@ietf.org> https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth