> We should not conflate with OAuth core framework requirements and
protected resource requirements.
+1
Todd Lainhart
Rational software
IBM Corporation
550 King Street, Littleton, MA 01460-1250
1-978-899-4705
2-276-4705 (T/L)
lainh...@us.ibm.com
From: Nat Sakimura
To: Mike Jones
We implemented our dynamic client registration along the lines that Nat
describes, except that the resource segment and not the query parm
identifies the client. The POST and the GET on the collection return the
resource identifiers (HATEOS). Query parms on the collection GET works as
you mig
I would vote for consistency with 6749 - string tokenizing doesn't seem
like a big deal, esp. since clients are going to have to deal with it when
scopes are returned from the token endpoint. It was raised here when I
realized that we would have to give clients two types of guidance when
deali
Hi Justin
On 30/01/13 22:29, Justin Richer wrote:
It's not meant to follow the same syntax. Instead, it's making use of
the JSON object structure to avoid additional parsing of the values on
the client side.
We could fairly easily define it as the same space-delimited string if
enough people wan
