I think response mode is only needed if you are overloading a existing 
authorization endpoint.

URI are cheep so I don’t see the value.



> On Mar 13, 2017, at 8:47 AM, Brian Campbell <[email protected]> 
> wrote:
> 
> 
> 
> On Sat, Mar 11, 2017 at 1:54 PM, William Denniss <[email protected] 
> <mailto:[email protected]>> wrote:
> 
> On Sat, Mar 11, 2017 at 12:40 PM, Justin Richer <[email protected] 
> <mailto:[email protected]>> wrote:
> 
>> 
>> Secondly, I had a question about the “response_type” parameter to the device 
>> endpoint. This parameter is required and it has a single, required value, 
>> with no registry or other possibility of extension. What’s the point? If 
>> it’s for “parallelism”, I’ll note that this is *not* the authorization 
>> endpoint (as the user is not present) and such constraints need not apply 
>> here.
>> 
>> Good points here. At a guess, it bled in from the OAuth spec. If it's not 
>> needed, we should remove it.
>> 
> 
> I’d vote for removal, I don’t see the point.
> 
> +1 on removal of the “response_type” parameter from the Device Authorization 
> Request
>  
> 
> _______________________________________________
> OAuth mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/oauth

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth

Reply via email to