Re: [OAUTH-WG] draft-bertocci-oauth-access-token-jwt-00

Hi, We have a machine-to-machine scenario where clients, RSes and our AS all belong to different legal entities. Some RSes require their clients to limit the access token to a specific Resource Owner, while other RSes don't. In the former case, we use 'sub' to identify that Resource Owner.

Re: [OAUTH-WG] draft-bertocci-oauth-access-token-jwt-00

Hi, We have a machine-to-machine scenario where clients, RSes and our AS all belong to different legal entities. Some RSes require their clients to limit the access token to a specific Resource Owner, while other RSes don't. In the former case, we use 'sub' to identify that Resource Owner.