I wanted to get the below question and answer to the right place. ---------- Forwarded message ---------- From: Brian Campbell <[email protected]> Date: Wed, Feb 1, 2012 at 9:01 AM Subject: Re: [OAuth2.0][SAML2.0] 2.2. Using SAML Assertions for Client Authentication Problem ? To: Shiu Fun Poon <[email protected]> Cc: [email protected]
Hi Shiu, Section 2.2 is about client authentication and the parameter names are correct for that context (the names are defined in http://tools.ietf.org/html/draft-ietf-oauth-assertions and this profile defines the values for use with SAML). The example in Section 4 that uses assertion and grant_type is about authorization and not client authentication. And it is consistent with section 2.1 Thanks, B On Tue, Jan 31, 2012 at 10:29 PM, Shiu Fun Poon <[email protected]>wrote: > Hi.. > Reading the latest spec.. are there typos in the following section ? > > 2.2. Using SAML Assertions for Client Authentication > > > he value of "client_assertion_type" parameter MUST ?? Should this be > grant_type > The value of the "client_assertion" parameter ?? Is this assertion (which > is what is shown in the example). > > > > > Thanks. > >
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
