Hi Pat, out of couriosity: what is the meaning of the "refresh_token" scope value?
regards, Torsten. Pat Patterson <[email protected]> schrieb: >For what it's worth, we pass back a space-separated list in the >response: > >{ > "id":" >https://login.salesforce.com/id/00Dd0000000f6kcEAA/005d0000001kTmOAAU";, > "issued_at":"1386201559129", > *"scope":"id api refresh_token",* > "instance_url":"https://aloha.my.salesforce.com";, > "refresh_token":"5Ae...vDy", > "signature":"5cN...mw=", > "access_token":"00D...1aI" >} > >Cheers, > >Pat > >-- > >Pat Patterson | Developer Evangelist Architect | >http://about.me/patpatterson > > >On Wed, Dec 4, 2013 at 12:06 PM, John Bradley <[email protected]> >wrote: > >> Per Sec 3.3 and Appendix A.4 >> >> scope is a space SP separated list of scope-token which are 1*NQCHAR >> >> So query encoded it looks like &scope=openid%20profile%20email (you >would >> be sending it in a POST form encoded to the token endpoint in your >case) >> and the response will be JSON: >> { >> "access_token":"2YotnFZFEjr1zCsicMWpAA", >> "token_type":"example", >> "expires_in":3600, >> "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA", >> "scope":"openid profile email" >> } >> >> Yes the examples probably should have included scope but it is clear >from >> the normative text. >> >> John B. >> >> On Dec 3, 2013, at 8:55 AM, Andreas Kohn <[email protected]> >wrote: >> >> > Hi, >> > >> > the current RFC for OAuth 2.0 >(http://www.rfc-editor.org/rfc/rfc6749.txt) >> is very unclear on *how* to return the scope in the access token >response >> if there are multiple scopes requested/returned. >> > >> > Could someone please clarify whether the scopes are supposed to be >> returned as >> > 1. space separated string value (i.e. in the same syntax in which >they >> came in), or >> > 2. as JSON array (looks most "JSON-y"), or >> > 3. in another format (for example github uses ',') >> > >> > There is a related question on stackoverflow: >> >http://stackoverflow.com/questions/13290994/how-should-approved-scopes-be-returned-from-an-oauth2-0 >> > >> > >> > Regards, >> > -- >> > Andreas >> > >> > >> > >> > _______________________________________________ >> > OAuth mailing list >> > [email protected] >> > https://www.ietf.org/mailman/listinfo/oauth >> >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth >> >> > > >------------------------------------------------------------------------ > >_______________________________________________ >OAuth mailing list >[email protected] >https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
