Sending to the right place. On Oct 18, 2011, at 20:36, "qijun83" <qiju...@gmail.com<mailto:qiju...@gmail.com>> wrote:
Dear Sir, It's really very pleasure for me to write to you for asking some questions about oauth-v2-22 as follows. In section 2.3 (Client Authentication), it is recommended to use the HTTP Basic authentication scheme like "Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW", which is included of "user_id" and "password" as defined in [RFC2617<http://tools.ietf.org/html/rfc2617>], instead of using the parameters of "client_id" and "client_secret" in HTTP request body. I want to know, (1). whether "user_id" equals to "client_id", and "password" equals to "client_secret". (2). and whether it is allowed to use both of the HTTP Basic authentication scheme and the client credentials in the request body at the same time. Looking forward to hearing from you. Yours, sincerely Qijun Zhang
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth