Hi, I just manage to take the time to read this document and in general I like it a lot I think it fills a gap and with mapping to CBOR, and CoAP it will work well for more constrained deceive too.
There are several details that would be great to address such as IANA section more thorough descriptions of device_code and user_code and It would also be good with more examples e.g. a poll example. The above things one can figure out relatively easy but how and where are poll requests sent. Is it new post requests to the token endpoint with the device_code included; or is it get requests to the token endpoint with the device_code; or is it a completely different endpoint? A solution that I would like is to have a poll url instead of the device_code then the client does not need to know how to construct the poll url form the device_code. Is there a github repo or something similar that I could send pull requests to? Best regards //Samuel
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
