ccess tokens from a
single authorization flow
Breno,
> Alternative proposal. Create a new call for 'dropping privileges'
where a client can present a single refresh token and scopes and
obtain a new refresh token/access token with defined scopes provided
that these scopes were
, 2010 6:54 PM
To: Breno
Cc: OAuth WG (oauth@ietf.org)
Subject: Re: [OAUTH-WG] proposal: multiple access tokens from a single
authorization flow
Breno,
> Alternative proposal. Create a new call for 'dropping privileges' where a
> client can present a single refresh token and scopes
Breno,
> Alternative proposal. Create a new call for 'dropping privileges' where a
> client can present a single refresh token and scopes and obtain a new refresh
> token/access token with defined scopes provided that these scopes were
> already granted to the original token.
> The advantage
>>
>>
>> EHL
>>
>>
>>
>> From: Breno [mailto:breno.demedei...@gmail.com]
>> Sent: Wednesday, June 16, 2010 8:17 AM
>> To: Eran Hammer-Lahav
>> Cc: Torsten Lodderstedt; OAuth WG (oauth@ietf.org)
>> Subject: Re: [OAUTH-WG] proposal: multipl
> Sent: Wednesday, June 16, 2010 8:17 AM
> To: Eran Hammer-Lahav
> Cc: Torsten Lodderstedt; OAuth WG (oauth@ietf.org)
> Subject: Re: [OAUTH-WG] proposal: multiple access tokens from a single
> authorization flow
>
>
>
> Alternative proposal. Create a new call for
medei...@gmail.com]
Sent: Wednesday, June 16, 2010 8:17 AM
To: Eran Hammer-Lahav
Cc: Torsten Lodderstedt; OAuth WG (oauth@ietf.org)
Subject: Re: [OAUTH-WG] proposal: multiple access tokens from a single
authorization flow
Alternative proposal. Create a new call for 'dropping privileges' wher
Alternative proposal. Create a new call for 'dropping privileges' where a
client can present a single refresh token and scopes and obtain a new
refresh token/access token with defined scopes provided that these scopes
were already granted to the original token.
The advantage of a separate call is
t;
> >
> >> -Original Message-
> >> From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On
> >> Behalf Of David Recordon
> >> Sent: Thursday, June 10, 2010 8:54 AM
> >> To: Torsten Lodderstedt
> >> Cc: OAuth WG (oauth@ietf.
)
Subject: Re: [OAUTH-WG] proposal: multiple access tokens from a single
authorization flow
I strongly believe that it should be an extension. Even optional response
parameters increase the complexity for client developers and this in
particular affects the data model used to store access tokens
Of David Recordon
> Sent: Thursday, June 10, 2010 8:54 AM
> To: Torsten Lodderstedt
> Cc: OAuth WG (oauth@ietf.org)
> Subject: Re: [OAUTH-WG] proposal: multiple access tokens from a single
> authorization flow
>
> I strongly believe that it should be an extension. Even optional resp
I thought I had already written this, but I guess the e-mail never went
anywhere...
I do have a strong opinion on Torsten's proposal, and it is POSITIVE.
A nit pick: I would replace "Array" with "List," to read "A list of
access tokens issued..."
Igor
Torsten Lodderstedt wrote:
no one in
I strongly believe that it should be an extension. Even optional
response parameters increase the complexity for client developers and
this in particular affects the data model used to store access tokens.
--David
On Thu, Jun 10, 2010 at 8:46 AM, Torsten Lodderstedt
wrote:
> no one in the WG ha
no one in the WG having an opinion on this topic?
Am 09.06.2010 12:19, schrieb Torsten Lodderstedt:
Hi all,
I would like to see support in OAuth2 for the authorization of
arbitrary scopes in a single authorization flow for all kinds of
deployments. In some deployments this may require to issu
Hi all,
I would like to see support in OAuth2 for the authorization of arbitrary
scopes in a single authorization flow for all kinds of deployments. In
some deployments this may require to issue multiple access tokens at once.
Therefore, I would like to propose the following addition to secti
14 matches
Mail list logo
