I see an invalid-client-credentials error code, but for the basic-credentials grant type, it seems there should be a specific error code to indicate the resource owner's basic creds are invalid, as opposed to the client's credentials being invalid.
-- Andrew Arnott "I [may] not agree with what you have to say, but I'll defend to the death your right to say it." - S. G. Tallentyre
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
