Hi all,
at the Prague IETF meeting we ran a bit out of time during the working group
session and therefore we would like to schedule an interim meeting to continue
the conversation about UMA.
Rifaat and I have set up a Doodle poll with two possible dates (1 hour slots at
the bi-weekly OAuth WG
Hi Torsten,
Apologies for the late reply. Suggested text:
4.x Client Impersonation of Resource Owner
Resource servers may make access control decisions based on the identity of the
resource owner as communicated in the "sub" claim returned by the authorization
server in a token introspect
Dear OAuth WG
We have an issue that we are discussing in the OIDF MODRNA work group
relating to the Client Initiated Back Authentication spec (which is an
OAuth 2 extension). As the issue affects the wider OAuth ecosystem we
wanted to post it here and gain feedback from the OAuth Working Group.
F