Re: [OAUTH-WG] Meeting Minutes

>> John Bradley sang a few notes from the Sound of Music to end the meeting. Were the hills alive? :) -gil -Original Message- From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Hannes Tschofenig Sent: Thursday, April 7, 2016 3:14 AM To: oauth@ietf.org Subject: [OAUTH-WG] Meeting Mi

Re: [OAUTH-WG] [scim] Simple Federation Deployment

That’s an issue we’re facing as well. Definitely interested. -gil From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Nat Sakimura Sent: Wednesday, April 6, 2016 4:57 PM To: 'Hardt, Dick' ; 'Phil Hunt (IDM)' Cc: s...@ietf.org; oauth@ietf.org Subject: Re: [OAUTH-WG] [scim] Simple Feder

Re: [OAUTH-WG] OAuth & Authentication: What can go wrong?

+1 for me. -- Original Message -- From: "John Bradley" To: "Nat Sakimura" Cc: "Derek Atkins" ; "oauth@ietf.org" Sent: 12/09/2014 9:30:50 AM Subject: Re: [OAUTH-WG] OAuth & Authentication: What can go wrong? And me Sent from my iPhone On Sep 11, 2014, at 7:49 PM, Nat Sakimura wrote

Re: [OAUTH-WG] Please help me understand OAuth 2.0

>> IMHO OAuth2 is becoming much bigger... Take the client credentials grant. People are using it today in the traditional scenarios, because OAuth2 tokens have good security properties. Agreed. -gil ___ OAuth mailing list OAuth@ietf.org https://www.ie

Re: [OAUTH-WG] Please help me understand OAuth 2.0

The RFCs 6749 and 6750 are a good place to start. http://tools.ietf.org/html/rfc6749 and http://tools.ietf.org/html/rfc6750. The first thing to understand is that OAuth2 targets a very specific use case of a user authorizing an application (like Twitter) access to resources they own (like p