[OAUTH-WG] I-D Action: draft-ietf-oauth-incremental-authz-02.txt

2019-05-03 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Web Authorization Protocol WG of the IETF. Title : OAuth 2.0 Incremental Authorization Author : William Denniss Filename: draft-ietf

Re: [OAUTH-WG] Transaction Authorization with OAuth

2019-05-03 Thread Takahiko Kawasaki
Dear Torsten, To the point. (^_^; It is "request object". Sorry. Best, Taka On Tue, 30 Apr 2019 at 19:24, Torsten Lodderstedt : > Dear Taka, > > thanks for your feedback. > > How would this more generic mechanism differ from the JSON-based request > object? I personally would advocate to use both, struc

[OAUTH-WG] Token Exchange status and Resource Indicators

2019-05-03 Thread Emond Papegaaij
Hi all, For the application I work on, Topicus KeyHub, we are investigating 'OAuth 2.0 Token Exchange'. We want to use this protocol to exchange an access token for a SAML assertion for signing in to AWS (see below). However, I noticed that draft 16 has expired on April 22, 2019. Is this specif

Re: [OAUTH-WG] JWT Response for OAuth Token Introspection implementations

2019-05-03 Thread Filip Skokan
Hi Rifaat, node.js OSS oidc-provider implements the document in full behind an optional feature toggle - https://github.com/panva/node-oidc-provider/blob/master/docs/README.md#featuresjwtintrospection Best, Filip Sent from iPhone On 2 May 2019 at 22:46, Rifaat Shekh-Yusef : > All, > > As part

Re: [OAUTH-WG] MTLS and Native apps Best practices

2019-05-03 Thread Rob Otto
Are you hoping to use the key to authenticate the user, or the OAuth client? If it's the latter, then you don't need to use MTLS to the authorisation endpoint. If it's the former, I'd argue that you would certainly need to include your public key in an X509 cert and *somehow* make it available to t

Re: [OAUTH-WG] MTLS and Native apps Best practices

2019-05-03 Thread Phil Hunt
Yes. I was more wondering if the app can invoke the system embedded view using its own key pair to ensure protected authen. Eg. If the authorization endpoint is set to require mutual tls, can the system view use the app’s keys since the app is invoking it? Or, would there have to be a user x.5