Re: [OAUTH-WG] items for the Vancouver agenda

2013-10-25 Thread Tim Bray
On Fri, Oct 25, 2013 at 1:41 PM, Phil Hunt wrote: > Finally, I'm not sure who might be able to lead this (Tim?), but there were > some interesting views expressed by Google staffers at this week's IIW in > Mountain View that seem to indicate that the need for client credentials in > mobile apps may

[OAUTH-WG] A couple of questions re dynamic client registration

2013-10-25 Thread Todd W Lainhart
I'm working off this document for our client registration: http://tools.ietf.org/html/draft-ietf-oauth-dyn-reg-14 Section 4 - Client Configuration Endpoint says this: The client MUST use its registration access token in all calls to this endpoint as an OAuth 2.0 Bearer Token [RFC6750]. I'm
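As an added illustration of the Section 4 requirement quoted above (editorial example code, not from the draft and not from Todd's message): a minimal client configuration endpoint that refuses any call not carrying the registration access token issued to that particular client_id as an RFC 6750 bearer token. The in-memory registry, the https://as.example host, the rejection of a client_id change on PUT, and the exact status codes are assumptions of the example, not statements about the draft.

```python
import hmac
import secrets
from typing import Optional

# Constructed in-memory registry (example only): client_id -> record.
REGISTRY: dict = {}
AS_BASE = "https://as.example"  # assumed issuer host for the example


def register_client(metadata: dict) -> dict:
    """Stand-in for the registration endpoint: mint a client_id and a
    per-client registration access token, store the metadata, and return
    the registration response the client keeps for later calls."""
    client_id = secrets.token_urlsafe(16)
    reg_token = secrets.token_urlsafe(32)
    REGISTRY[client_id] = {
        "metadata": dict(metadata),
        "registration_access_token": reg_token,
    }
    return {
        "client_id": client_id,
        "registration_access_token": reg_token,
        "registration_client_uri": f"{AS_BASE}/register/{client_id}",
        **metadata,
    }


def _bearer_token(authorization: Optional[str]) -> Optional[str]:
    """Extract the token from an RFC 6750 'Authorization: Bearer <token>'
    header; any other scheme, or an empty token, yields None."""
    if not authorization:
        return None
    scheme, _, token = authorization.partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        return None
    return token.strip()


def client_configuration_endpoint(method: str, client_id: str,
                                  authorization: Optional[str],
                                  body: Optional[dict] = None):
    """Handle GET/PUT/DELETE on /register/{client_id}.

    Returns (status, headers, body). Every call must present the
    registration access token issued to *this* client_id; a token issued
    to a different client, no token at all, or a non-Bearer scheme all get
    the same 401 so the endpoint does not leak which client_ids exist."""
    record = REGISTRY.get(client_id)
    token = _bearer_token(authorization)
    challenge = {"WWW-Authenticate": 'Bearer error="invalid_token"'}
    if (record is None or token is None
            or not hmac.compare_digest(token.encode(),
                                       record["registration_access_token"].encode())):
        return 401, challenge, {"error": "invalid_token"}

    if method == "GET":
        return 200, {}, {"client_id": client_id, **record["metadata"]}
    if method == "PUT":
        body = body or {}
        # Assumed check for the example: a client may not rename itself.
        if body.get("client_id", client_id) != client_id:
            return 400, {}, {"error": "invalid_client_metadata"}
        record["metadata"] = {k: v for k, v in body.items() if k != "client_id"}
        return 200, {}, {"client_id": client_id, **record["metadata"]}
    if method == "DELETE":
        del REGISTRY[client_id]
        return 204, {}, None
    return 405, {"Allow": "GET, PUT, DELETE"}, {"error": "method_not_allowed"}
```

The point of the constant-time comparison and the uniform 401 is that the registration access token is a per-client credential: it authorizes exactly one client_id's configuration, and a valid token for client A must not unlock client B's record or reveal whether B exists.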

[OAUTH-WG] items for the Vancouver agenda

2013-10-25 Thread Phil Hunt
Chairs, I'd like to request some time to present the Software Statement and Client Association drafts as part of the overall Client registration discussion. The method Tony and I have proposed reflects a pattern (token swap using the 4.5 extension) that is actually in wide use today. I would a

Re: [OAUTH-WG] Comments on draft-richer-oauth-introspection-04

2013-10-25 Thread Thomas Broyer
On 25 Oct 2013 19:28, "Torsten Lodderstedt" wrote: > > > On 25.10.2013 11:19, Thomas Broyer wrote: >> >> >> >> >> On Thu, Oct 24, 2013 at 7:50 AM, Torsten Lodderstedt < tors...@lodderstedt.net> wrote: >>> >>> Hi Thomas, >>> >>> we generate access tokens per resource server in order to mitiga

Re: [OAUTH-WG] Comments on draft-richer-oauth-introspection-04

2013-10-25 Thread Torsten Lodderstedt
On 25.10.2013 11:19, Thomas Broyer wrote: On Thu, Oct 24, 2013 at 7:50 AM, Torsten Lodderstedt <tors...@lodderstedt.net> wrote: Hi Thomas, we generate access tokens per resource server in order to mitigate this and other risks. You must issue those tokens to different

Re: [OAUTH-WG] Comments on draft-richer-oauth-introspection-04

2013-10-25 Thread Thomas Broyer
On Thu, Oct 24, 2013 at 4:36 PM, Richer, Justin P. wrote: > On Oct 23, 2013, at 5:27 PM, Thomas Broyer > wrote: > > On Wed, Oct 23, 2013 at 9:22 PM, Richer, Justin P. wrote: > >> Hi Thomas, >> >> You're right in that the introspection process is about getting meta >> data about a particular t

Re: [OAUTH-WG] Comments on draft-richer-oauth-introspection-04

2013-10-25 Thread Thomas Broyer
On Thu, Oct 24, 2013 at 7:50 AM, Torsten Lodderstedt < tors...@lodderstedt.net> wrote: > Hi Thomas, > > we generate access tokens per resource server in order to mitigate this > and other risks. You must issue those tokens to different audiences > (resource server id) and the resource servers must
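As an added illustration of the mitigation Torsten describes (editorial example code, not from any poster or from the introspection draft): the authorization server binds each access token to a single resource server through an aud claim, and each resource server refuses tokens whose audience is not itself, so a token presented to, leaked by, or stolen from one resource server cannot be replayed at another. The token format is a stripped-down HMAC-signed JSON payload rather than a real JWT library, and the https://as.example, https://photos.example and https://calendar.example identifiers, the shared key and the fixed timestamps are constructed for the example.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class AuthorizationServer:
    """Issues one access token per resource server; each carries an 'aud'
    claim naming the single resource server it is good for."""

    def __init__(self, issuer: str, key: bytes):
        self.issuer = issuer
        self._key = key  # example: one HMAC key shared with every RS

    def issue(self, subject: str, client_id: str, resource_server: str,
              scope: str, ttl: int = 300, now: Optional[int] = None) -> str:
        now = int(time.time()) if now is None else now
        claims = {
            "iss": self.issuer, "sub": subject, "client_id": client_id,
            "aud": resource_server, "scope": scope,
            "iat": now, "exp": now + ttl,
        }
        payload = _b64url(json.dumps(claims, separators=(",", ":"),
                                     sort_keys=True).encode())
        sig = hmac.new(self._key, payload.encode("ascii"), hashlib.sha256).digest()
        return payload + "." + _b64url(sig)


class ResourceServer:
    """Accepts only tokens whose signature verifies and whose 'aud' names
    this server; audience is checked before scope is even looked at."""

    def __init__(self, identifier: str, key: bytes):
        self.identifier = identifier
        self._key = key

    def validate(self, token: str, now: Optional[int] = None) -> dict:
        """Return {'ok': True, 'claims': ...} or {'ok': False, 'error': ...}."""
        now = int(time.time()) if now is None else now
        parts = token.split(".")
        if len(parts) != 2:
            return {"ok": False, "error": "malformed"}
        payload, sig = parts
        try:
            expected = hmac.new(self._key, payload.encode("ascii"),
                                hashlib.sha256).digest()
            if not hmac.compare_digest(expected, _b64url_decode(sig)):
                return {"ok": False, "error": "bad_signature"}
            claims = json.loads(_b64url_decode(payload))
        except ValueError:  # covers binascii.Error, JSON and unicode errors
            return {"ok": False, "error": "malformed"}
        if not isinstance(claims, dict):
            return {"ok": False, "error": "malformed"}
        aud = claims.get("aud")
        aud = [aud] if isinstance(aud, str) else (aud or [])
        if self.identifier not in aud:
            # A token minted for another resource server is refused here,
            # regardless of how it was obtained.
            return {"ok": False, "error": "audience_mismatch"}
        exp = claims.get("exp")
        if not isinstance(exp, int) or exp <= now:
            return {"ok": False, "error": "expired"}
        return {"ok": True, "claims": claims}


if __name__ == "__main__":
    key = b"constructed-shared-demo-key"
    auth = AuthorizationServer("https://as.example", key)
    photos = ResourceServer("https://photos.example", key)
    calendar = ResourceServer("https://calendar.example", key)
    tok = auth.issue("alice", "client-1", "https://photos.example", "photos.read")
    print("photos  :", photos.validate(tok)["ok"])     # accepted
    print("calendar:", calendar.validate(tok))         # audience_mismatch
```

One caveat on the example's shared HMAC key: it lets any resource server that holds it mint tokens for the others, so it only models the case where every RS can verify every token (as with an asymmetric signature, AS private key and RS public key); in that setting the audience check is what stops cross-RS replay, and a real deployment would use the asymmetric variant or per-RS keys.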