The name needs to be unique enough not to conflict with likely parameters already used by providers. I don’t have an opinion which name is better, just that it was oauth_token before and when we changed the scheme name to Bearer, changed it too.
EHL From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Doug Tangren Sent: Wednesday, May 11, 2011 10:09 PM To: oauth@ietf.org Subject: [OAUTH-WG] consistency of token param name in bearer token type This may have come up before so I'm sorry if I'm repeating. Why does bearer token spec introduce a new name for oauth2 access tokens [1], "bearer_token", and before that [2], "oauth_token"? I apologize if this may sound shallow but, why introduce a new parameter name verses sticking with what the general oauth2 spec already defines, "access_token". It seems arbitrary for an auth server to hand a client an apple then have the client hand it off to the resource server and call it an orange. Was this just for the sake of differentiating the parameter name enough so that the bearer tokens may be used in other protocols without being confused with oauth2 access_tokens? [1]: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-04#section-2.2 [2]: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-03#section-2.2 -Doug Tangren http://lessis.me
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
