Your usecase sounds a little bit like the assertion flow.
The RO issues an assertion and the rest goes.
Is there reasons that an assertion flow cannot do?
Nat
On Mon, Dec 3, 2012 at 3:35 PM, wrote:
> my use case(RO-initiated delegation):
> -I deposit my child(precious resource) at kindergarden(
Well, there is a related thread
http://www.ietf.org/mail-archive/web/oauth/current/msg09946.html
But my use case is different from Siriwardena's.
what OAuth does:
-I deposit my child(precious resource) at kindergarden(Resource Server)
-when someone tries to take him outside of the kindergarden
Could you kindly explain the use case a little more, please?
Nat
On Mon, Dec 3, 2012 at 9:51 AM, wrote:
>
> http://datatracker.ietf.org/doc/draft-zhou-oauth-owner-auth/
>
> ___
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listi
http://datatracker.ietf.org/doc/draft-zhou-oauth-owner-auth/
___
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
The draft relies heavily on the definition "access grant", but no definition is
provided in the draft or RFC 6749. It's been my interpretation that an "access
grant" is the *fact* that a resource owner has authorized a client (potentially
scoped) access to the protected resources. Once access is
