Agreed, it's nuts to return a refresh token for that flow.
Eran, why is this still in the spec? You agreed to remove it almost a
year ago. It's come up multiple times since then.
http://www.ietf.org/mail-archive/web/oauth/current/msg03651.html
Cheers,
Brian
On Fri, Jun 3, 2011 at 9:45 AM, Mar
On Thu, Jun 2, 2011 at 11:05 PM, Shane B Weeden wrote:
> Would anyone care to explain what the value of a refresh token is for peer
> to peer applications utilizing the client_credentials grant type, or
> validate if my explanation is the intended use case?
Are you asking why would an authorizat
Would anyone care to explain what the value of a refresh token is for peer
to peer applications utilizing the client_credentials grant type, or
validate if my explanation is the intended use case?
Recall:
* it is required to provide client credentials to get an access token [and
refresh token]
*
