Hi all, Token exchange registers the 'resource' parameter, at least to a large extend, and draft-ietf-oauth-resource-indicators indicates this in the IANA consideration section.
What isn't mentioned in draft-ietf-oauth-resource-indicators is that token exchange also defines the audience parameter. The audience parameter is defined as " Audience: The logical name of the target service where the client intends to use the requested security token. This serves a purpose similar to the "resource" parameter, but with the client providing a logical name rather than a location. " I am mentioning this also because draft-ietf-ace-oauth-params defines a parameter 'req_aud', which was supposed to be similar to resource but at the last IETF meeting the argument was that it is a logical name. As such, it would correspond to the audience parameter registered in the token exchange. Is my observation correct? Ciao Hannes IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth