The proposed structured_scope fits nicely into the JSON object format of the request object.
At present for similar cases we recommend developers to encode the scope value into a URI with query string parameters, e.g. https://scopes.myapp.com/sign?credentialID=qes_eidas&documentDigests.hash=sTOgwOm+474gFj0q0x1iSNspKqbcse4IeiqlDg/HWuI&documentDigests.label=Mobile%20Subscription%20Contract&hashAlgorithmOID=2.16.840.1.101.3.4.2.1 On 20/04/2019 21:21, Torsten Lodderstedt wrote: > Hi all, > > I just published an article about the subject at: > https://medium.com/oauth-2/transaction-authorization-or-why-we-need-to-re-think-oauth-scopes-2326e2038948 > > > I look forward to getting your feedback. > > kind regards, > Torsten.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
