Wouldn't expired_token be appropriate here? On Wed, Jul 5, 2017 at 12:02 PM Chris Needham <[email protected]> wrote:
> Hi, > > I'm one of the contributors to the ETSI Cross Platform Authentication spec > [1], which was based on an early draft of the OAuth 2.0 Device Flow. > > One of the things we found useful, and not included in the current OAuth > 2.0 Device Flow [2, section 3.5], is a return code for the case where the > authorization server decides to cancel the pairing process. This may be due > to a user interaction, such as declining the presented terms and > conditions, for example. Such a return code allows the client to stop > polling and to display an appropriate message to the user. (I didn't find a > suitable error code in RFC6749.) > > In the ETSI spec we used the error code 'cancelled' for this purpose: > > cancelled > > The authorization server has cancelled the pairing process. This can > occur, > for example, if the user declined to authorize the client, e.g., by not > accepting terms and conditions presented to them by the authorization > server. > > Best regards, > > Chris > > [1] > http://www.etsi.org/deliver/etsi_ts/103400_103499/103407/01.01.01_60/ts_103407v010101p.pdf > [2] https://tools.ietf.org/id/draft-ietf-oauth-device-flow-06.txt > > -- > Chris Needham > Principal Software Engineer > BBC Research & Development > Centre House, 56 Wood Lane, London W12 7SB > > _______________________________________________ > OAuth mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
