On 9/17/18 10:22 AM, Thomas Broyer wrote:
On Mon, Sep 17, 2018 at 3:46 PM George Fletcher
mailto:40aol@dmarc.ietf.org>>
wrote:
Hi,
It appears that RFC 6749 and RFC 6750 are inconsistent in regards
to the
HTTP status code that should be returned when a requested scope
oauth@ietf.org
Objet : [OAUTH-WG] Inconsistent error responses between 6749 and 6750
Hi,
It appears that RFC 6749 and RFC 6750 are inconsistent in regards to the HTTP
status code that should be returned when a requested scope is "invalid".
For example, if a call is make to the /to
On Mon, Sep 17, 2018 at 3:46 PM George Fletcher wrote:
> Hi,
>
> It appears that RFC 6749 and RFC 6750 are inconsistent in regards to the
> HTTP status code that should be returned when a requested scope is
> "invalid".
>
> For example, if a call is make to the /token endpoint to obtain a new
> a
Hi,
It appears that RFC 6749 and RFC 6750 are inconsistent in regards to the
HTTP status code that should be returned when a requested scope is
"invalid".
For example, if a call is make to the /token endpoint to obtain a new
access_token and the scopes requested are outside those issued to t
