RFC6749 allows scopes to be presented at the token endpoint for cases like
client credentials grants.
It's not clear how this could be achieved with the current RAR spec though
when a Client using Client Credentials wants to request fine grained access
using authorization_details. Or should this e
That sound good Rifaat.
Matt
On Fri, Mar 27, 2020 at 5:59 PM Rifaat Shekh-Yusef
wrote:
> This will have no impact on the adoption of the DPoP document.
>
> Regards,
> Rifaat
>
>
> On Fri, Mar 27, 2020 at 11:22 AM Torsten Lodderstedt 40lodderstedt@dmarc.ietf.org> wrote:
>
>> Hi,
>>
>> assu
>
> For me, at the current point in time, it depends on whether a significant
> portion of the working group is attending in-person.
That is my sentiment as well. Also do we have any idea on the likelihood of
it being cancelled outright?
Matt
On Tue, Mar 10, 2020 at 6:37 AM n-sakimura wrote:
>
> I have a feeling that if we had more concise JWT libraries and command
> line tools, where using the JWT Bearer grant became a one-liner again then
> we wouldn’t be having this conversation. So perhaps removing it is an
> incentive to make that happen.
>
Neil could you elaborate more on this p
+1 for adoption
Matt
On Mon, Jan 6, 2020 at 9:38 PM Rifaat Shekh-Yusef
wrote:
> All,
>
> This is a call for adoption for the *OAuth 2.0 Rich Authorization
> Requests* document.
> https://datatracker.ietf.org/doc/draft-lodderstedt-oauth-rar/
>
> Please, let us know if you support or object to th