day, March 25, 2020 12:07 PM
To: OAuth WG mailto:oauth@ietf.org>>
Subject: [OAUTH-WG] Error Responses in JWT Profile for OAuth 2.0 Access
Tokens
Section 4 talks about validating JWT Access Tokens
https://tools.ietf.org/html/draft-ietf-oauth-access-token-jwt-04#section-4
It has a list of thi
o declare it out of scope here, tho I would really
love for us to devise a standard solution for it _somewhere_.
WDYT?
-Original Message-
From: OAuth On Behalf Of Aaron Parecki
Sent: Wednesday, March 25, 2020 12:07 PM
To: OAuth WG
Subject: [OAUTH-WG]
tf.org>>
Subject: [OAUTH-WG] Error Responses in JWT Profile for OAuth 2.0 Access
Tokens
Section 4 talks about validating JWT Access Tokens
https://tools.ietf.org/html/draft-ietf-oauth-access-token-jwt-04#section-4
It has a list of things the RS MUST do when validating a request made with a
JW
OAuth On Behalf Of Aaron Parecki
Sent: Wednesday, March 25, 2020 12:07 PM
To: OAuth WG
Subject: [OAUTH-WG] Error Responses in JWT Profile for OAuth 2.0 Access
Tokens
Section 4 talks about validating JWT Access Tokens
https://tools.ietf.org/html/draft-ietf-oauth-access-token-jwt-04#section-4
It
Section 4 talks about validating JWT Access Tokens
https://tools.ietf.org/html/draft-ietf-oauth-access-token-jwt-04#section-4
It has a list of things the RS MUST do when validating a request made
with a JWT access token. This section contains phrases like "...and
reject tokens..." and "MUST be re
