After talking to some folks about OAuth protected services being able to connect to other REST based OAuth protected services, it occurred to me that some form of "chaining" is required to support scenarios that are essentially message buses. The document specifies a new grant type which enables an OAuth client that has an oauth_token from its client, to request a new access token for another oauth protected server (which may or may not be in another OAuth "domain").
Your feedback and contributions greatly appreciated. Phil phil.h...@oracle.com Begin forwarded message: > From: IETF I-D Submission Tool <idsubmiss...@ietf.org> > Date: March 1, 2011 12:29:07 PM PST > To: phil.h...@yahoo.com > Subject: New Version Notification for draft-hunt-oauth-chain-00 > > > A new version of I-D, draft-hunt-oauth-chain-00.txt has been successfully > submitted by Phil Hunt and posted to the IETF repository. > > Filename: draft-hunt-oauth-chain > Revision: 00 > Title: Chain Grant Type for OAuth2 > Creation_date: 2011-03-01 > WG ID: Independent Submission > Number_of_pages: 10 > > Abstract: > This specification defines a method by which an OAuth protected > service, can use a received oauth token from its client, to in turn, > act as a client and access another OAuth protected service in a > 'chained' profile. > > > > The IETF Secretariat. > >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
