A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.
Title : JWT Response for OAuth Token Introspection
Authors : Torsten Lodderstedt
Hi all,
we just published a new revision of the JWT Introspection Response Draft.
Changes:
* adapted wording to preclude any accept header except "application/jwt" if
encrypted responses are required
* use registered alg value RS256 for default signing algorithm
* added text on claims in the tok
Hi Brian,
> If the
> authorization server fails to parse the provided value or does not
> consider the resource server acceptable, it MUST reject the
> request and provide an error response with the error code
> "invalid_resource".
If the resource parameter is not an
