subject:"\[OAUTH\-WG\] Client Authentication Method at Device Authorization Endpoint"

Re: [OAUTH-WG] Client Authentication Method at Device Authorization Endpoint

2019-06-03 Thread Takahiko Kawasaki

Dear Filip, Thank you for your comment. Historically, metadata related to client authentication methods have been defined for each endpoint such as token endpoint, introspection endpoint and revocation endpoint. When defining the CIBA specification, we discussed whether to define a new metadata fo

Re: [OAUTH-WG] Client Authentication Method at Device Authorization Endpoint

2019-06-03 Thread Filip Skokan

Hello Takahiko, Such language already exists in second to last paragraph of section 3.1. Like with CIBA the client’s regular token endpoint auth method is used at the device authorization endpoint. > The client authentication requirements of Section 3.2.1 of [RFC6749] apply to > requests on t

[OAUTH-WG] Client Authentication Method at Device Authorization Endpoint

2019-06-03 Thread Takahiko Kawasaki

Hello, Do you have any plan to define a rule as to which client authentication method should be used at the device authorization endpoint (which is defined in OAuth 2.0 Device Authorization Grant )? Section 4 of CIBA

Re: [OAUTH-WG] Client Authentication Method at Device Authorization Endpoint

Re: [OAUTH-WG] Client Authentication Method at Device Authorization Endpoint

[OAUTH-WG] Client Authentication Method at Device Authorization Endpoint

3 matches

Site Navigation

Mail list logo

Footer information