> 5.1.3 etc.: The name client_credentials is confusing > The name client_credentials does not refer to the same concept as the uses of > the term “Client Credentials” in 1.4.3, 3, 5.1.3, and other locations in the > document. It would be far better to rename this parameter “none” or > “implicit”, to indicate that no explicit credentials are being passed in the > protocol. It might also clarify this concept if you added an example.
There are explicit credentials here -- the client id and secret. Naming it "none" or "implicit" would be even more confusing, IMHO, since that implies that you're just handing out tokens to whoever asks. I agree that it needs to be called out more in the document, though, and an example would go a long way to this. -- Justin _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
