Hi all, in a discussion about re-using the client authentication part of the assertion framework for other specifications currently in progress I ran into the following question:
Section 6.1 of http://tools.ietf.org/html/draft-ietf-oauth-assertions-15 talks about the client using the assertion with the **token endpoint**. Now, it appears that one cannot use the client authentication with other endpoints, such as the introspection endpoint defined in http://tools.ietf.org/html/draft-richer-oauth-introspection-04#section-2 Am I reading too much into Section 6.1 of the assertion draft? Ciao Hannes
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
