I'm a bit surprised by this question... Accessing protected resources is outside the scope of v2 but both Bearer and MAC clearly allow any HTTP method.
EHL > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf > Of Freeman, Tim > Sent: Monday, April 18, 2011 4:26 PM > To: [email protected] > Subject: [OAUTH-WG] Can you use POST to access protected resources? > > Section 7 of http://tools.ietf.org/html/draft-ietf-oauth-v2-15 gives examples > of how to access protected resources. All of the examples use GET. > > Our protected resources are identified by a query, which might be a few > kilobytes. I'm concerned that this may not fit inside the length limitation > on > GET's for some web servers. Our present implementation does a POST > instead. > > Definition-by-example is easy to understand, but it is not good at > unambiguously specifying the boundary of permitted behavior. Was the > spec meant to allow using HTTP operations other than GET to access > protected resources? > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
