Re: [OAUTH-WG] RFC 9396 - RAR doubt about examples

2023-06-13 Thread torsten=40lodderstedt . net
Hi, the difference between section 7 and 9 is as Kai described it. Section 7 is about additional data given to the client in the token response that is needed to perform the rest of the process. Figure 17, for example, shows how the authorization details object is enriched with the account num

Re: [OAUTH-WG] RFC 9396 - RAR doubt about examples

2023-06-13 Thread Oliva Fernandez, Jorge
Hi Torsten, Thanks for your answer but this seems still very confused to me, so just let me put a real use case for RAR and see if I can understand correctly, suppose that Open Banking (never mind the country) replace the lodging intent pattern with PAR + RAR, and as already covered by OB, the d

Re: [OAUTH-WG] RFC 9396 - RAR doubt about examples

2023-06-13 Thread torsten=40lodderstedt . net
On 13 June 2023, 12:02 +0200, Oliva Fernandez, Jorge wrote: Hi Torsten, Thanks for your answer but this seems still very confused to me, so just let me put a real use case for RAR and see if I can understand correctly, suppose that Open Banking (never mind the country) replace the lo

Re: [OAUTH-WG] RFC 9396 - RAR doubt about examples

2023-06-13 Thread Oliva Fernandez, Jorge
Ok thanks, And in the response of the /token endpoint should be inside the “authorization_details” as described in the section 7? Best regards. From: OAuth on behalf of "torsten=40lodderstedt@dmarc.ietf.org" Date: Tuesday, 13 June 2023 at 11:45 To: "torsten=40lodderstedt@dmarc.ietf.

Re: [OAUTH-WG] RFC 9396 - RAR doubt about examples

2023-06-13 Thread torsten=40lodderstedt . net
The token response is different as this is part of the interface between AS and client, i.e. there needs to be rules in place so both parties can interoperate. OAuth has traditionally always focused on client to AS and client to RS for interoperability and left out AS to RS from the equation. b