Re: [OAUTH-WG] draft-bertocci-oauth-access-token-jwt-00

Vittorio Bertocci Mon, 06 May 2019 12:27:27 -0700

I am not following, Vladimir. What do you mean? Can you make some examples
to clarify?
The userinfo is always colocated with the AS, hence I would expect most
vendors not to use JWT for the ATs issued for userinfo access


On Mon, May 6, 2019 at 12:21 PM Vladimir Dzhuvinov <vladi...@connect2id.com>
wrote:

>
> https://tools.ietf.org/html/draft-ietf-oauth-access-token-jwt-00#section-2.2.2
>
> In OpenID Connect the access token is consumed by the UserInfo endpoint.
>
> Were there any suggestions to also spec parameter(s) for the claims
> names (with optional locales) for release at the UserInfo endpoint?
>
> Vladimir
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>

_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Re: [OAUTH-WG] draft-bertocci-oauth-access-token-jwt-00

Reply via email to