The framework does register a CWT 'scoop' claim, but I think it has to register it with JWT too to be correct.
https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-08#section-8.5 //Samuel On Tue, Oct 31, 2017 at 10:28 AM, Hannes Tschofenig < [email protected]> wrote: > Hi all, > > > > I was wondering whether we should define a claim, scope, that captures the > scope that was granted by the authorization server. > > > > Ciao > > Hannes > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > > _______________________________________________ > Ace mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ace > >
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
