Hi,
are there plans for supporting delegation-styles like ActAs or OnBehalfOf in SAML? If this was possible, a resource server could delegate a subset of the delegated rights to another resource server. This could be a very important thing, when one wants to use OAuth 2 within an enterprise-environment. I know, that OAuth 2 has been created for web-scenarios, but it's a fact that OAuth 2 is used as a "REST-friedly" alternative to WS-* in the area of service-security. Would it be the right way, to define an Extension Grants for such a scenario? Wishes, Manfred
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
