access token: is it possible to send additional (and
optional) parameters along when the client requests an access token ? The draft
states "the authorization server SHOULD ignore unrecognized request
parameters.", so I am thinking "yes". Am I correct
Thorsten, Justin,
Thank you for your answers, I know the spec would not address some of the
points I raised, but I was pretty sure you had some best pratices in mind.
Le 3 mai 2011 à 14:48, Lodderstedt, Torsten a écrit :
>> - More about obtaining an access token: is it possible to send additional
