Dear all,
We are currently modeling part 1 and part 2 of the OpenID Financial API
in the FKS Web Model and have a few questions regarding the OAuth 2.0
Token Binding.
In section 3.1. of draft-ietf-oauth-token-binding-06, it is not very
clear how an Access Token issued from the Authorization End
Thanks Samuel (even though this doc already went through WGLC!). I'll
attempt to address your comments/questions inline below.
On Sat, May 12, 2018 at 4:21 PM, Samuel Erdtman wrote:
> Hi
>
> Thanks for a great document.
>
And thank you too!
I have some minor comments.
>
> in Abstract
> “...ba
Typically when an access token is issued via the implicit grant directly
from the authorization endpoint, it is for a client that is running as
script in the user-agent. The AS binds the access token to the referred
token binding, which would be the token binding between the user-agent
(where the c
