On Thu, Feb 07, 2019 at 02:28:02PM -0700, Brian Campbell wrote:
>
> The token-exchange draft defines both the "resource" and "audience"
> parameters for use in the context of a
> "urn:ietf:params:oauth:grant-type:token-exchange" grant type request to the
> token endpoint. There is a lot of
For better or worse there is a long and winding road that has led to where
we are now with these parameters. And there has been plenty of
misunderstanding, miscommunication, dysfunction, questionable decisions,
and general SDO process along the way that/'s helped get to this point.
I've certainly
Since the authors of the token exchange draft have asked IANA for an early
registration of the parameters I get the impression that the question is more “
does the resource indicator spec need to define the resource parameter (or
rather reference the resource and audience parameters from the
To add to that,
3. If a device uses HTTP Token Exchange it can use both resource and
audience parameters.
With the recent discussion and changes to the language in the resource
indicators draft, does the token exchange spec need a unique audience
parameter?
S pozdravem,
*Filip Skokan*
On Thu,
