Re: [OAUTH-WG] JWT grant_type and client_id

2013-05-02 Thread Brian Campbell
mailto:oauth-boun...@ietf.org] On Behalf Of Sergey Beryozkin Sent: Friday, March 15, 2013 4:31 PM To: oauth@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id Hi On 15/03/13 20:40, Lewis Adam-CAL022 wrote: Hi John

Re: [OAUTH-WG] JWT grant_type and client_id

2013-05-01 Thread Phil Hunt
To: oauth@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id Hi On 15/03/13 20:40, Lewis Adam-CAL022 wrote: Hi John, I would like to argue that the scope should be a parameter in the access token request message, the same

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-19 Thread Sergey Beryozkin
: [OAUTH-WG] JWT grant_type and client_id Hi On 15/03/13 20:40, Lewis Adam-CAL022 wrote: Hi John, I would like to argue that the scope should be a parameter in the access token request message, the same as it is for the RO creds grant and client creds grant

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-16 Thread Phil Hunt
registry, if they choose. -- Mike From: Lewis Adam-CAL022 Sent: March 15, 2013 3:55 PM To: Brian Campbell CC: oauth@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id I guess that it depends on what JWT is meant to be. My understanding is that it began

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-16 Thread Mike Jones
, March 16, 2013 2:52 AM To: Mike Jones Cc: Brian Campbell; Lewis Adam-CAL022; oauth@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id It's a question of whether the jwt spec alone is used (in which case it needs scope) or whether another profile for access tokens is needed. Since scope

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-16 Thread Lewis Adam-CAL022
might be inclined to use it. adam From: Mike Jones [mailto:michael.jo...@microsoft.com] Sent: Saturday, March 16, 2013 12:17 PM To: Phil Hunt Cc: Brian Campbell; Lewis Adam-CAL022; oauth@ietf.org Subject: RE: [OAUTH-WG] JWT grant_type and client_id I agree that it’s likely a claim that would

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-15 Thread Sergey Beryozkin
, Sergey Thoughts? adam From: John Bradley [mailto:ve7...@ve7jtb.com] Sent: Friday, March 15, 2013 12:10 PM To: Lewis Adam-CAL022 Cc: Brian Campbell; WG oauth@ietf.org@il06exr02.mot.com Subject: Re: [OAUTH-WG] JWT grant_type and client_id The spec is a touch vague on that. I think

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-15 Thread Lewis Adam-CAL022
@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id Hi On 15/03/13 20:40, Lewis Adam-CAL022 wrote: Hi John, I would like to argue that the scope should be a parameter in the access token request message, the same as it is for the RO creds grant and client creds grant type. This would keep

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-15 Thread Brian Campbell
...@ietf.org] On Behalf Of Sergey Beryozkin Sent: Friday, March 15, 2013 4:31 PM To: oauth@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id Hi On 15/03/13 20:40, Lewis Adam-CAL022 wrote: Hi John, I would like to argue that the scope should be a parameter in the access token

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-15 Thread Brian Campbell
[mailto:oauth-boun...@ietf.org] On Behalf Of Sergey Beryozkin Sent: Friday, March 15, 2013 4:31 PM To: oauth@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id Hi On 15/03/13 20:40, Lewis Adam-CAL022 wrote: Hi John, I would like to argue that the scope should be a parameter

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-15 Thread Lewis Adam-CAL022
profiles as a self-contained doc. adam From: Brian Campbell [mailto:bcampb...@pingidentity.com] Sent: Friday, March 15, 2013 5:13 PM To: Lewis Adam-CAL022 Cc: Sergey Beryozkin; oauth@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id So currently the base assertion document defines

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-15 Thread Lewis Adam-CAL022
. If not, then it will be JSON+encryption+signing, just not a JWT :) adam From: Brian Campbell [mailto:bcampb...@pingidentity.com] Sent: Friday, March 15, 2013 5:16 PM To: Lewis Adam-CAL022 Cc: Sergey Beryozkin; oauth@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id Codifying

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-15 Thread Mike Jones
the claims they define in the IANA JWT Claims registry, if they choose. -- Mike From: Lewis Adam-CAL022 Sent: March 15, 2013 3:55 PM To: Brian Campbell CC: oauth@ietf.org Subject: Re: [OAUTH-WG] JWT grant_type and client_id I guess that it depends on what JWT is meant to be. My

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-14 Thread Lewis Adam-CAL022
. -- Mike From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Lewis Adam-CAL022 Sent: Monday, February 18, 2013 2:50 PM To: oauth@ietf.org WG Subject: [OAUTH-WG] JWT grant_type and client_id Is there any guidance on the usage

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-14 Thread Brian Campbell
. -- Mike From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Lewis Adam-CAL022 Sent: Monday, February 18, 2013 2:50 PM To: oauth@ietf.org WG Subject: [OAUTH-WG] JWT grant_type and client_id Is there any guidance

Re: [OAUTH-WG] JWT grant_type and client_id

2013-03-14 Thread Lewis Adam-CAL022
PM To: Lewis Adam-CAL022 Cc: Mike Jones; WG oauth@ietf.org@il06exr02.mot.com Subject: Re: [OAUTH-WG] JWT grant_type and client_id Yes, that is correct. I'm working on new revisions of the drafts that will hopefully make that point more clear. On Thu, Mar 14, 2013 at 5:26 PM, Lewis Adam-CAL022

Re: [OAUTH-WG] JWT grant_type and client_id

2013-02-19 Thread Brian Campbell
. -- Mike From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Lewis Adam-CAL022 Sent: Monday, February 18, 2013 2:50 PM To: oauth@ietf.org WG Subject: [OAUTH-WG] JWT grant_type and client_id

Re: [OAUTH-WG] JWT grant_type and client_id

2013-02-19 Thread John Bradley
At the moment no, the HoK work is ongoing. If you are talking about using an assertion as an authorization grant the subject should be the resource owner or some proxy for that. In Connect that would be the user_id not the client_id. We have added Authorized party azp to connect id_tokens

[OAUTH-WG] JWT grant_type and client_id

2013-02-18 Thread Lewis Adam-CAL022
Is there any guidance on the usage of client_id when using the JWT assertion profile as a grant type? draft-ietf-oauth-jwt-bearer-04 makes no mention so I assume that it is not required ... but it would be necessary if using in conjunction with a HOK profile where the JWT assertion is issued

Re: [OAUTH-WG] JWT grant_type and client_id

2013-02-18 Thread Mike Jones
Subject: [OAUTH-WG] JWT grant_type and client_id Is there any guidance on the usage of client_id when using the JWT assertion profile as a grant type? draft-ietf-oauth-jwt-bearer-04 makes no mention so I assume that it is not required ... but it would be necessary if using in conjunction with a HOK