I am in the process of implementing Device Flow and, going by the specification
draft at https://tools.ietf.org/html/draft-ietf-oauth-device-flow-01, have
noticed some opportunities for improvement, which I am sharing and hoping to
discuss. I am new to providing feedback on IETF drafts, so if y
Hi Brian,
Your explanation is helpful, makes sense now.
In fact, this makes things very interesting for me because it could provide
a round-about way to do an ac/dc like flow where a client C whose AS1 is in
security domain 1 can swap an access token from AS1 for a JWT to present to
AS2 via a JWT
