I think response mode is only needed if you are overloading a existing authorization endpoint.
URI are cheep so I don’t see the value. > On Mar 13, 2017, at 8:47 AM, Brian Campbell <[email protected]> > wrote: > > > > On Sat, Mar 11, 2017 at 1:54 PM, William Denniss <[email protected] > <mailto:[email protected]>> wrote: > > On Sat, Mar 11, 2017 at 12:40 PM, Justin Richer <[email protected] > <mailto:[email protected]>> wrote: > >> >> Secondly, I had a question about the “response_type” parameter to the device >> endpoint. This parameter is required and it has a single, required value, >> with no registry or other possibility of extension. What’s the point? If >> it’s for “parallelism”, I’ll note that this is *not* the authorization >> endpoint (as the user is not present) and such constraints need not apply >> here. >> >> Good points here. At a guess, it bled in from the OAuth spec. If it's not >> needed, we should remove it. >> > > I’d vote for removal, I don’t see the point. > > +1 on removal of the “response_type” parameter from the Device Authorization > Request > > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
