This looks identical to what I want to do, i'll definitely hop on the
tweet chat.
Also, do you know of any good resources touching on how to implement this?
Thanks :)
On 3/12/2012 00:43, Eve Maler wrote:
As written in the I-D, the use case does call for person-to-person
sharing, which OAuth in its current state doesn't really cover. If you
do want to achieve that outcome, User-Managed Access, built on top of
OAuth, specializes in it. You can find out more at
http://kantarainitiative.org/confluence/display/uma/Home . (We're
holding a Twitter #umachat this Wednesday 9-10am PT if you want to
deep-dive on UMA one tweet at a time.)
Eve
On 11 Mar 2012, at 7:10 PM, David Fox wrote:
http://tools.ietf.org/html/draft-zeltsan-oauth-use-cases-02#section-3.8
In order to achieve the use case above, how would the client (a.k.a
the resource owner in this case) specify which user to authorize?
Would the correct approach be to make a request to the Authorization
Server with the grant type set to "client_credentials" and set the
scope to user=user_id (where user_id would be the identifier for the
user Bob)?
-David
_______________________________________________
OAuth mailing list
[email protected] <mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/oauth
Eve Maler http://www.xmlgrrl.com/blog
+1 425 345 6756 http://www.twitter.com/xmlgrrl
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
