On Fri, Oct 14, 2022 at 10:50 AM Roman Danyliw <r...@cert.org> wrote:
> > > > > > > ** Section 11.2 > > > > > > One option would be to have a mechanism allowing the registration of > > > extension modules, each of them responsible for rendering the > > > respective user consent and any transformation needed to provide the > > > data needed to the resource server by way of structured access tokens > > > or token introspection responses. > > > > > > I don't follow the flexibility being described here. "One option ..." > with > > respect to what? > > > > With respect to having certain types hard-coded (like someone like > Facebook or > > GitHub might do because their API is specific) or having some kind of > > mechanism that just prints out the RAR objects verbatim. > > > > Ah, you mean relative to customization. Maybe s/One option would be/One > option to support customization/ > > FWIW I updated this sentence in my earlier edits that attempted to get the low hanging items and it now says "One approach to supporting such customization would be to have a mechanism allowing [...]", which is slightly more wordy but basically the same as your suggestion. -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth