I propose alter the spec so that the token responses are encoded with application/x-www-form-urlencoded, matching OAuth 1.0. I also propose moving the JSON and XML support for these responses to an extension.
I haven't heard an argument that convinces me that JSON adds anything over application/x-www-form-urlencoded. It seems to be a preference and as such can be accommodated as an extension. Thoughts?
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
