Hi, Any comment about this? Thanks!
Best regards. From: "Oliva Fernandez, Jorge" <jorge.olivafernan...@santander.co.uk> Date: Friday, 2 June 2023 at 14:10 To: "oauth@ietf.org" <oauth@ietf.org> Subject: RFC 9396 - RAR doubt about examples Hi, Reviewing the just releases RFC there are a couple of examples that seems incorrect or maybe I’m missing something, in section 9.1 and 9.2 appear a field “debtorAccount” outside the “authorization_details” object and in section 9.1 specify: “debtorAccount: API-specific field containing the debtor account. In the example, this account was not passed in the authorization_details but was selected by the user during the authorization process. The field user_role conveys the role the user has with respect to this particular account. In this case, they are the owner. This data is used for access control at the payment API (the RS). ” If this “debtorAccount” is the result of an “Enriched Authorization Details“ should not follow what is described in section 7.1 and be returned inside the “authorization_details” Object? Best regards. Emails aren't always secure, and they may be intercepted or changed after they've been sent. Santander doesn't accept liability if this happens. If you think someone may have interfered with this email, please get in touch with the sender another way. This message doesn't create or change any contract. Santander doesn't accept responsibility for damage caused by any viruses contained in this email or its attachments. Emails may be monitored. If you've received this email by mistake, please let the sender know at once that it's gone to the wrong person and then destroy it without copying, using, or telling anyone about its contents. Santander UK plc. Registered Office: 2 Triton Square, Regent's Place, London, NW1 3AN, United Kingdom. Registered Number 2294747. Registered in England and Wales. https://www.santander.co.uk. Telephone 0800 389 7000. Calls may be recorded or monitored. Authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. Our Financial Services Register number is 106054. You can check this on the Financial Services Register by visiting the FCA’s website https://www.fca.org.uk/register. Santander and the flame logo are registered trademarks. Ref:[PDB#1-4B]
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
