Quick question. I was wondering if OAuth 2.0 can work with access control lists.
For example there is a protected resource (e.g. a photo), and I want to set it up so that a two or more users (for example a group of friends) U1, U2 ... Un will be able to access it after authenticating. Is this kind of flow possibly with OAuth 2.0, and if so whose responsibility is it to maintain the list of agents than can access the resource? _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
