The section from the RFC, allows for the *scope* or any other standard parameter to be returned in the WWW-Authenticate header, those would be machine readable.
Warren Parad Founder, CTO Secure your user data with IAM authorization as a service. Implement Authress <https://authress.io/>. On Sat, Dec 11, 2021 at 11:59 AM Nikos Fotiou <fot...@aueb.gr> wrote: > Thanks Vladimir, > I am looking for something which is machine readable so that clients can > handle the error automatically. > > Best, > Nikos > > On 11 Dec 2021, at 12:44 PM, Vladimir Dzhuvinov <vladi...@connect2id.com> > wrote: > > > > Hi Nikos, > > The "error_description" can be used to explain the expected token issuer > and other facts to client developers. > > https://datatracker.ietf.org/doc/html/rfc6750#section-3 > > If you want to give client software the ability to respond > programmatically this will require some sort of a proprietary extension. > > Vladimir > > Vladimir Dzhuvinov > > On 11/12/2021 12:35, Nikos Fotiou wrote: > > Hi, > > I have a use case where a resource server is protected and can only be > accessed if a JWT is presented. Is there any way for the server to "indicate" > the "expected" format of the JWT. For example, respond to unauthorized > requests with something that would be translated into "I expect tokens form > iss X with claims [A,B,C]" > > Best, > Nikos > > -- > Nikos Fotiou - http://pages.cs.aueb.gr/~fotiou > Researcher - Mobile Multimedia Laboratory > Athens University of Economics and Businesshttps://mm.aueb.gr > > > _______________________________________________ > OAuth mailing listOAuth@ietf.orghttps://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
