Hi all, I I’m wondering why draft-ietf-oauth-token-exchange-12 defines a claim „scp“ to carry scope values while RFC 7591 and RFC 7662 use a claim „scope“ for the same purpose. As far as I understand the text, the intension is to represent a list of RFC6749 scopes. Is this correct? What’s the rationale behind?
Different claim names for representing scope values confuse people. I realized that when one of our developers pointed out that difference recently. best regards, Torsten.
Description: S/MIME cryptographic signature
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth