Re: [OAUTH-WG] Use of Token Exchange spec for API Federation

ACDC addition of the PKCE to the token material to at least >> bind it to client though. >> >> >> >>> >>> >>> Knowing your use case is really valuable. Thanks for describing it for >>> us. >>> >>> >>> >&g

Re: [OAUTH-WG] Use of Token Exchange spec for API Federation

nt though. > > > >> >> >> Knowing your use case is really valuable. Thanks for describing it for >> us. >> >> >> >> -- Mike >> >> >> >> *From:* Chuck Mortimore

Re: [OAUTH-WG] Use of Token Exchange spec for API Federation

> *Sent:* Wednesday, July 15, 2015 2:44 PM > *To:* Anthony Nadalin > *Cc:* OAuth WG; Mike Jones > *Subject:* Re: [OAUTH-WG] Use of Token Exchange spec for API Federation > > > > User logs into Client and accesses Resource1 using AccessToken1 from > TokenService1. > > &

Re: [OAUTH-WG] Use of Token Exchange spec for API Federation

From: Chuck Mortimore [mailto:cmortim...@salesforce.com] Sent: Wednesday, July 15, 2015 2:44 PM To: Anthony Nadalin Cc: OAuth WG; Mike Jones Subject: Re: [OAUTH-WG] Use of Token Exchange spec for API Federation User logs into Client and accesses Resource1 using AccessToken1 from TokenService1

Re: [OAUTH-WG] Use of Token Exchange spec for API Federation

;   <> > From: OAuth [mailto:oauth-boun...@ietf.org <mailto:oauth-boun...@ietf.org>] > On Behalf Of Chuck Mortimore > Sent: Wednesday, July 15, 2015 12:47 PM > To: OAuth WG mailto:oauth@ietf.org>>; Mike Jones > mailto:michael.jo...@microsoft.com>> > Subject

Re: [OAUTH-WG] Use of Token Exchange spec for API Federation

;>> and resource 1(r1) does the flow go like U->C->R-R1 or U->C->R and U->C->R1 >>> ? >>> >>> >>> >>> *From:* OAuth [mailto:oauth-boun...@ietf.org] *On Behalf Of *Chuck >>> Mortimore >>> *Sent:* Wednesday, July 15

Re: [OAUTH-WG] Use of Token Exchange spec for API Federation

g] *On Behalf Of *Chuck >> Mortimore >> *Sent:* Wednesday, July 15, 2015 12:47 PM >> *To:* OAuth WG ; Mike Jones >> *Subject:* [OAUTH-WG] Use of Token Exchange spec for API Federation >> >> >> >> We're examining the use of the Token Exchange spec fo

Re: [OAUTH-WG] Use of Token Exchange spec for API Federation

more > *Sent:* Wednesday, July 15, 2015 12:47 PM > *To:* OAuth WG ; Mike Jones > *Subject:* [OAUTH-WG] Use of Token Exchange spec for API Federation > > > > We're examining the use of the Token Exchange spec for API federation > use-cases, and are looking for some feedba

Re: [OAUTH-WG] Use of Token Exchange spec for API Federation

ike Jones Subject: [OAUTH-WG] Use of Token Exchange spec for API Federation We're examining the use of the Token Exchange spec for API federation use-cases, and are looking for some feedback. The basic use-case is as follows: Developer wants to build an Application that is a composite o

[OAUTH-WG] Use of Token Exchange spec for API Federation

We're examining the use of the Token Exchange spec for API federation use-cases, and are looking for some feedback. The basic use-case is as follows: Developer wants to build an Application that is a composite of backend services that span multiple security domains. For example, it's a combinat