Dears, In preparation to IETF 125, we'd like to present and socialize this draft, prepared together with @Aaron Parecki<mailto:[email protected]>: https://datatracker.ietf.org/doc/draft-zehavi-oauth-native-clients-federation/
The idea stems from IETF 124, where Aaron commented in response to the app2app draft<https://datatracker.ietf.org/doc/draft-zehavi-oauth-app2app-browserless/> Yaron presented, that app2app and federation use cases could be added as an extension profile of OAuth 2.0 for First-Party Applications<https://datatracker.ietf.org/doc/draft-ietf-oauth-first-party-apps/> (FiPA). The current draft adds the federate, redirect_to_app and insufficient_information error codes to FiPA, enabling native client interaction (using non HTTP 302 redirects), to federate across authorization servers, as well as support app2app use-cases where another app performs the user interaction. Feedback welcome, Aaron & Yaron This message and any attachment ("the Message") are confidential. If you have received the Message in error, please notify the sender immediately and delete the Message from your system, any use of the Message is forbidden. Correspondence via e-mail is primarily for information purposes. RBI neither makes nor accepts legally binding statements via e-mail unless explicitly agreed otherwise. Information pursuant to ? 14 Austrian Companies Code: Raiffeisen Bank International AG; Registered Office: Am Stadtpark 9, 1030 Vienna, Austria; Company Register Number: FN 122119m at the Commercial Court of Vienna (Handelsgericht Wien). Classification: GENERAL
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
