Aren't these independent issues? Regardless how the client figures what the server supports (discovery or hard code configuration) it must have a way to tell the Authorization Server its preferences when it sends the user over.
Marius On Tue, Mar 30, 2010 at 8:50 PM, Anthony Nadalin <[email protected]> wrote: > So I doubt that the client always knows what the server supports, the server > should be open in allowing all parties to find out what is supported > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Brian Eaton > Sent: Tuesday, March 30, 2010 5:44 PM > To: Raffi Krikorian > Cc: OAuth WG > Subject: Re: [OAUTH-WG] A display parameter for user authorization requests > > On Tue, Mar 30, 2010 at 5:25 PM, Raffi Krikorian <[email protected]> wrote: >> why does a client need to discover what the server supports? >> presumably the client would already know given that they are integrating >> with it? > > +1. > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth > _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
