Hi Justin,
I refered to the data format used at the AS-PR interface. According to
your description, you use JSON objects there. What data does such an
object contain? Is this any different from a JSON Web Token (leaving
aside digital signatures and encryption)?
regards,
Torsten.
Am 18.04.2012 22:01, schrieb Justin Richer:
Not all implementations in the field that do this are using JWTs as
the tokens. Ours in particular used a random blob with no structured
information in it. The endpoint returned a JSON object.
-- Justin
On 04/18/2012 03:53 PM, Torsten Lodderstedt wrote:
Hi all,
is there enough experience in the field with such an interface to
standardize it?
I would expect such an endpoint to return the same payload, which is
carried in a JSON Web Token. So once we designed the JSON Web Tokens
content, designing the AS-PR interface could be the next logical step
(after the next re-charting).
regards,
Torsten.
Am 16.04.2012 21:04, schrieb Justin Richer:
OK, but with SWD and discovery off the table, can this now be
considered to be within that manageable number instead?
We wanted to keep the # of WG items to approximately 5. Once we
finish
some of these items and get them off our plate we could roll new items
onto the plate, theoretically.
That's definitely true going forward, but what I was saying is that
the number of items under consideration is now down to 4, with SWD
moving to the Apps group. I was proposing that the whole
introspection endpoint and general AS-PR connection could be this
group's fifth starting document.
-- Justin
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
