On 7/31/18 12:30 AM, Adam Roach wrote:
ยง3.2:
In response, the authorization server generates a device verification
code and an end-user code that are valid for a limited time and
includes them in the HTTP response body using the "application/json"
format with a 200 (OK) status code.
This needs to normatively cite RFC 7159.
Thanks to Carsten for reminding me that this has been replaced by RFC
8259. Sorry for confusing things.
/a
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
