Congrats! Glad to see this one out! Phil
Oracle Corporation, Identity Cloud Services Architect @independentid www.independentid.com <http://www.independentid.com/>phil.h...@oracle.com <mailto:phil.h...@oracle.com> > On Jun 28, 2018, at 5:00 PM, Torsten Lodderstedt <tors...@lodderstedt.net> > wrote: > > Congratulations! > > Am 28.06.2018 um 18:15 schrieb William Denniss > <wdenniss=40google....@dmarc.ietf.org > <mailto:wdenniss=40google....@dmarc.ietf.org>>: > >> Congratulations! >> >> Really glad that we have an RFC specifying how servers should provide their >> configuration data in machine readable form. Helps with developer experience >> (less manual configuration), as well as mitigating mix-up attacks (better >> association of related endpoints), amongst other benefits. >> >> I'm happy to say that the AppAuth clients support RFC 8414, through >> discovery methods that take a complete URL >> <https://github..com/openid/AppAuth-iOS/blob/1dae3a1df4de33b844284dce545c71ff0d3582ad/Source/OIDAuthorizationService.h#L111-L112>, >> in addition to the issuer-based ones designed for OIDC usage. >> >> >> On Thu, Jun 28, 2018 at 3:54 PM, Mike Jones >> <Michael.Jones=40microsoft....@dmarc.ietf.org >> <mailto:Michael.Jones=40microsoft....@dmarc.ietf.org>> wrote: >> The OAuth 2.0 Authorization Server Metadata specification is now RFC 8414 >> <https://www.rfc-editor.org/rfc/rfc8414.txt>. The abstract describes the >> specification as: >> >> >> >> This specification defines a metadata format that an OAuth 2.0 client can >> use to obtain the information needed to interact with an OAuth 2.0 >> authorization server, including its endpoint locations and authorization >> server capabilities. >> >> >> >> The specification defines a JSON metadata representation for OAuth 2.0 >> authorization servers that is compatible with OpenID Connect Discovery 1.0 >> <http://openid.net/specs/openid-connect-discovery-1_0.html>. This >> specification is a true instance of standardizing existing practice. OAuth >> 2.0 deployments have been using the OpenID Connect metadata format to >> describe their endpoints and capabilities for years. This RFC makes this >> existing practice a standard. >> >> >> >> Having a standard OAuth metadata format makes it easier for OAuth clients to >> configure connections to OAuth authorization servers.. See >> https://www.iana.org/assignments/oauth-parameters/oauth-parameters..xhtml#authorization-server-metadata >> >> <https://www.iana.org/assignments/oauth-parameters/oauth-parameters.xhtml#authorization-server-metadata> >> for the initial set of registered metadata values. >> >> >> >> Thanks to all of you who helped make this standard a reality! >> >> >> >> -- Mike >> >> >> >> P.S. This announcement was also posted at http://self-issued.info/?p=1883 >> <http://self-issued.info/?p=1883> and as @selfissued >> <https://twitter..com/selfissued>. >> >> >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org <mailto:OAuth@ietf.org> >> https://www.ietf.org/mailman/listinfo/oauth >> <https://www.ietf.org/mailman/listinfo/oauth> >> >> >> _______________________________________________ >> OAuth mailing list >> OAuth@ietf.org <mailto:OAuth@ietf.org> >> https://www.ietf.org/mailman/listinfo/oauth >> <https://www.ietf.org/mailman/listinfo/oauth> > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
