Hi Asela, We can think of the client as the end user in this case and return client's attributes in the JWT.
On Fri, Nov 29, 2013 at 10:16 AM, Asela Pathberiya <[email protected]> wrote: > Hi All, > > Our current OAuth implementation issues JWT token when validating an OAuth > token that is granted by client credential grant type. This JWT token > contains end user name and user's attributes. Please refer jira [1]. > > 1. How we are identifying the authorized user and claims in the JWT token > when client credential grant type is used? > > 2. Can we find any thing related to this in the OAuth specification? If, > Please point me. I could not still find. > > IMO, It seems to be that It could not be returned end user and user's > attribute with this grant type. Please correct me, if wrong. > > [1] https://wso2.org/jira/browse/APIMANAGER-1329 > > Thanks, > Asela. > > -- > Thanks & Regards, > Asela > > ATL > Mobile : +94 777 625 933 > -- Thanks & Regards, *Johann Dilantha Nallathamby* Senior Software Engineer Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
