date:20120312

[OAUTH-WG] JSON Web Token (JWT) Specification Draft -08

2012-03-12 Thread Mike Jones

Draft 08 of the JSON Web Token (JWT) specification has been published. It uses the -01 versions of the JOSE specifications and also contains these changes: * Removed language that required that a

[OAUTH-WG] FW: Draft -01 of JSON Crypto Specs: JWS, JWE, JWK, JWA, JWS-JS, JWE-JS

2012-03-12 Thread Mike Jones

From: Mike Jones Sent: Monday, March 12, 2012 5:37 PM To: j...@ietf.org Subject: Draft -01 of JSON Crypto Specs: JWS, JWE, JWK, JWA, JWS-JS, JWE-JS New versions of the JSON Object Signing and Encryption (JOSE) specifications are now available that incorpor

Re: [OAUTH-WG] Client credentials flow vs. authorization grant flow for native clients

2012-03-12 Thread Shane B Weeden

You're on the right track. If you're interested, I have a demo of exactly what you are talking about using the authorization code flow (and in this case manual entry of the short-lived azn code). It uses refresh tokens precisely just as you suggest: https://www-304.ibm.com/connections/blogs/sweede

[OAUTH-WG] OAuth 2.0 Bearer Token Specification Draft -18

2012-03-12 Thread Mike Jones

Draft 18 of the OAuth 2.0 Bearer Token Specification has been published. It contains the following changes: * Changed example bearer token value from vF9dft4qmT to mF_9.B5f-4.1JqM. * Added example access token response returning a B

[OAUTH-WG] I-D Action: draft-ietf-oauth-v2-bearer-18.txt

2012-03-12 Thread internet-drafts

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol Working Group of the IETF. Title : The OAuth 2.0 Authorization Protocol: Bearer Tokens Author(s) : Michael B. Jones

Re: [OAUTH-WG] Are there any implementations of the SAML bearer token specificiation?

2012-03-12 Thread Igor Faynberg

Please include me in the chat! This is, in fact, something that could make a very interesting agenda item at a meeting. Igor On 3/12/2012 12:01 PM, Chuck Mortimore wrote: Salesforce has an implementation of both the SAML and JWT Bearer tokens. Happy to chat. -cmort On Mon, Mar 12, 2012

Re: [OAUTH-WG] Are there any implementations of the SAML bearer token specificiation?

2012-03-12 Thread Paul Madsen

Ping Identity has implemented On 3/12/12 11:55 AM, Alex Bilbie wrote: Hello, Can anyone please tell me if there are any implementations of the OAuth 2 SAML bearer tokens draft specification? It is our intention to expand on the existing work (see http://lncn.eu/jsx5) we have done at the Un

Re: [OAUTH-WG] Are there any implementations of the SAML bearer token specificiation?

2012-03-12 Thread Chuck Mortimore

Salesforce has an implementation of both the SAML and JWT Bearer tokens. Happy to chat. -cmort On Mon, Mar 12, 2012 at 8:55 AM, Alex Bilbie wrote: > Hello, > > Can anyone please tell me if there are any implementations of the OAuth 2 > SAML bearer tokens draft specification? > > It is our inten

[OAUTH-WG] Are there any implementations of the SAML bearer token specificiation?

2012-03-12 Thread Alex Bilbie

Hello, Can anyone please tell me if there are any implementations of the OAuth 2 SAML bearer tokens draft specification? It is our intention to expand on the existing work (see http://lncn.eu/jsx5) we have done at the University of Lincoln and develop an implementation of the above specificati

Re: [OAUTH-WG] Client credentials flow vs. authorization grant flow for native clients

2012-03-12 Thread Richer, Justin P.

Client credentials is not the right flow for this approach since there's a user present at the client and they can close the loop for you. The Device Flow, if it were to get picked up and fleshed out a bit, is a better fit for what you're after and is made for just such a disconnected world wher

[OAUTH-WG] Client credentials flow vs. authorization grant flow for native clients

2012-03-12 Thread Stein Desmet

I have mistakingly asked this question on the google group on google's Oauth2 implementation, so here it is at the correct place (I hope). We have an authentication server/identity provider, and a number of external web applications (ie resource servers) that make use of it. We would like to buil

Re: [OAUTH-WG] question about the b64token syntax in draft-ietf-oauth-v2-bearer

2012-03-12 Thread George Fletcher

+1 On 3/11/12 12:45 PM, Richer, Justin P. wrote: +1 *From:* oauth-boun...@ietf.org [oauth-boun...@ietf.org] on behalf of Brian Campbell [bcampb...@pingidentity.com] *Sent:* Sunday, March 11, 2012 9:50 AM *To:* John Bradle

Re: [OAUTH-WG] Issue token for another user

2012-03-12 Thread David Fox

This looks identical to what I want to do, i'll definitely hop on the tweet chat. Also, do you know of any good resources touching on how to implement this? Thanks :) On 3/12/2012 00:43, Eve Maler wrote: As written in the I-D, the use case does call for person-to-person sharing, which OAuth i

[OAUTH-WG] JSON Web Token (JWT) Specification Draft -08

[OAUTH-WG] FW: Draft -01 of JSON Crypto Specs: JWS, JWE, JWK, JWA, JWS-JS, JWE-JS

Re: [OAUTH-WG] Client credentials flow vs. authorization grant flow for native clients

[OAUTH-WG] OAuth 2.0 Bearer Token Specification Draft -18

[OAUTH-WG] I-D Action: draft-ietf-oauth-v2-bearer-18.txt

Re: [OAUTH-WG] Are there any implementations of the SAML bearer token specificiation?

Re: [OAUTH-WG] Are there any implementations of the SAML bearer token specificiation?

Re: [OAUTH-WG] Are there any implementations of the SAML bearer token specificiation?

[OAUTH-WG] Are there any implementations of the SAML bearer token specificiation?

Re: [OAUTH-WG] Client credentials flow vs. authorization grant flow for native clients

[OAUTH-WG] Client credentials flow vs. authorization grant flow for native clients

Re: [OAUTH-WG] question about the b64token syntax in draft-ietf-oauth-v2-bearer

Re: [OAUTH-WG] Issue token for another user

13 matches

Site Navigation

Mail list logo

Footer information