Re: [OAUTH-WG] RAR - Example JWT for Payment

Tue, 31 Mar 2020 08:13:18 -0700 

The “type” is effectively a schema marker for the content of the authorization 
request object, and so it doesn’t need to be the same domain as the API that’s 
being hosted. Think of it this way: the type defines the API, this could be a 
standard body or some other org, and the location defines the specific hosted 
instance. It’s like defining OpenID Connect at the OIDF and hosting it on your 
company’s domain.

 — Justin

> On Mar 30, 2020, at 9:18 AM, Jared Jennings <jaredljenni...@gmail.com> wrote:
> 
> I have a question about the example and maybe it's more for clarification 
> than anything.
> 
> The example contains type and also location.
> A couple of things
> 1. Would it add clarity if the domain was the same for both? vs. someorg.com 
> <http://someorg.com/> / example.com <http://example.com/>
> 2. While only an example, would it bring clerity to past examples if the type 
> was https://schema.example.com/payment_initiation 
> <https://schema.example.com/payment_initiation> and the location was 
> https://api.example.com/payments <https://api.example.com/payments>
> 
> or am I missing something what the values represent?
> 
> Here's the example I am referring to on page 17.
> {
>       "iss": "https://as.example.com <https://as.example.com/>",
>       "sub": "24400320",
>       "aud": "a7AfcPcsl2",
>       "exp": 1311281970,
>       "acr": "psd2_sca",
>       "txn": "8b4729cc-32e4-4370-8cf0-5796154d1296",
>       "authorization_details": [
>          {
>             "type": "https://www.someorg.com/payment_initiation 
> <https://www.someorg.com/payment_initiation>",
>             "actions": [
>                "initiate",
>                "status",
>                "cancel"
>             ],
>             "locations": [
>                "https://example.com/payments <https://example.com/payments>"
>             ],
>             "instructedAmount": {
>                "currency": "EUR",
>                "amount": "123.50"
>             },
>             "creditorName": "Merchant123",
>             "creditorAccount": {
>                "iban": "DE02100100109307118603"
>             },
>             "remittanceInformationUnstructured": "Ref Number Merchant"
>          }
>       ],
>       "debtorAccount": {
>          "iban": "DE40100100103307118608",
>          "user_role": "owner"
>       }
>    ]
> 
> -Jared
> Skype:jaredljennings
> Signal:+1 816.730.9540
> WhatsApp: +1 816.678.4152
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth


_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to