This has already been discussed and presented in the several past IETF meetings about this draft.
Yes, it means the client can prompt the user in the UI to tell them they will need to re-authorize and re-approve access. This lets the client proactively tell the user they need to re-authorize before the access is lost. Without this, the client will lose access for an indeterminate amount of time until the user realizes the client has stopped working and goes and reconnects it. On Fri, Nov 14, 2025 at 7:51 AM Neil Madden <[email protected]> wrote: > > > > On 14 Nov 2025, at 15:14, Max Gerber <[email protected]> wrote: > > > > > […] The client can also schedule a notification to the user to renew > the grant in 11 months. > > But what does this mean in practice? Asking them to re-login and > re-approve the scopes? If so, why not just wait for the grant to expire and > do that anyway? What is the concrete benefit to user or developer > experience of this field? > > — Neil > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
