+1 for cid > On Jun 21, 2016, at 7:35 AM, John Bradley <[email protected]> wrote: > > I prefer “cid” as the claim name rather than trying to match the parameter > name. > > John B. >> On Jun 20, 2016, at 6:22 PM, Justin Richer <[email protected]> wrote: >> >> +1 for “cid”, consistent with other JWT claims. >> >> — Justin >> >>> On Jun 20, 2016, at 5:21 PM, Brian Campbell <[email protected]> >>> wrote: >>> >>> There is a somewhat poorly worded open issue in Token Exchange about being >>> able to represent the client in the token. >>> >>> There is currently no standard claim for the client in JWT while Token >>> Introspection defines a "client_id" parameter. It's maybe not the ideal >>> place for it but Token Exchange could define such a claim for JWT. >>> >>> I'm looking for some feedback from the WG on if/how to proceed with this in >>> Token Exchange. As I see it, there are basically 3 options: >>> >>> 1) Define and register a "client_id" JWT claim (consistent with the name in >>> Token Introspection) to carry the client id of the OAuth 2.0 client that >>> requested the token. >>> >>> 2) Define and register a "cid" JWT claim (consistent with the shorter names >>> typical for JWT) to carry the client id of the OAuth 2.0 client that >>> requested the token. >>> >>> 3) Do not define/register any new JWT claim for the client identifier (in >>> the Token Exchange draft anyway). >>> >>> Feedback/preferences would be appreciated from the WG so as to make some >>> progress on the draft. >>> >>> If pressed, I guess I'd lean towards option #1 myself. >>> >>> >>> >>> _______________________________________________ >>> OAuth mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/oauth >> >> _______________________________________________ >> OAuth mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/oauth > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
