Hi, all! It is said in RFC 6749 (The OAuth 2.0 Authorization Framework) that
“this specification is designed for use with HTTP ([RFC2616])” and “The use of
OAuth over any protocol other than HTTP is out of scope.” Do those statements
mean that the communication between any two roles in OAuth protocol (namely
resource owner, resource server, client and authorization server) is based on
HTTP protocol? I am not familiar with the OAuth protocol and just would like to
confirm this question. Any response is appreciated!
Best wishes!
Guangqing Deng
dgq2011
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
