Hi all,
Token exchange registers the 'resource' parameter, at least to a large extend,
and draft-ietf-oauth-resource-indicators indicates this in the IANA
consideration section.
What isn't mentioned in draft-ietf-oauth-resource-indicators is that token
exchange also defines the audience parameter. The audience parameter is defined
as
"
Audience:
The logical name of the target service where the client
intends to use the requested security token. This serves a
purpose similar to the "resource" parameter, but with the client
providing a logical name rather than a location.
"
I am mentioning this also because draft-ietf-ace-oauth-params defines a
parameter 'req_aud', which was supposed to be similar to resource but at the
last IETF meeting the argument was that it is a logical name. As such, it would
correspond to the audience parameter registered in the token exchange.
Is my observation correct?
Ciao
Hannes
IMPORTANT NOTICE: The contents of this email and any attachments are
confidential and may also be privileged. If you are not the intended recipient,
please notify the sender immediately and do not disclose the contents to any
other person, use it for any purpose, or store or copy the information in any
medium. Thank you.
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
