RAR does not define it's equivalent of RFC 6750's "insufficient_scope" error response (could be "insufficient_authorization", for example). Is this intentional? If not, would it make sense to define it in a separate document?
Dmitry
_______________________________________________ OAuth mailing list -- oauth@ietf.org To unsubscribe send an email to oauth-le...@ietf.org
