Dale is correct, I was misremembering slightly -- UAA does not do what
we would really call dynamic registration with SCIM, but rather does a
static client provisioning using SCIM as the API for provisioning the
client objects. Still, it's a real-life implementation of something
similar that we can look at.
-- Justin
On 02/05/2013 02:42 AM, Dale Olds wrote:
Rather surprised (and pleased) to see a reference to the UAA here, but
I would like to make a quick clarification.
Justin, I think we concluded that what the UAA is doing is static
client registration via SCIM extensions, not dynamic client
registrations. The UAA has been serving OAuth2 and SCIM requests in
the cloudfoundry.com PaaS for over a year now -- there was no client
registration standard at that time, and SCIM provides what we need.
I agree with your point that we should not invent unnecessary
standards, and SCIM is working quite well for us in combination with
OAuth2 for static client registrations. That said, I expect we will
have a future need for dynamic client registrations and that there may
be some significant differences.
And my preference would also be json in and json out.
--Dale
On 02/04/2013 01:35 PM, Richer, Justin P. wrote:
Additionally:
This begs the question, why not just do SCIM here? CloudFoundry's UAA
has a SCIM class for OAuth clients that they use for dynamic
registration today.
-- Justin
On Feb 4, 2013, at 4:25 PM, Mike Jones <michael.jo...@microsoft.com
<mailto:michael.jo...@microsoft.com>>
wrote:
Now that we're returning the registration state as JSON, it's pretty
inconsistent for the registration request to instead be
form-url-encoded. The case can be made for switching to JSON now -
especially in light of possibly wanting to convey some structured
information at registration time.
I realize that this is a big change, but if we're going to do it, we
should do it now.
As a precedent, apparently SCIM requests are JSON, rather than
form-url-encoded.
-- Mike
_______________________________________________
OAuth mailing list
OAuth@ietf.org <mailto:OAuth@ietf.org>
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
