Dear John, Brian, everyone, I'd like to forward a request from several developers using my AS software to have defined client metadata property similar to scope in section 2 of RFC 7591 <https://tools.ietf.org/html/rfc7591#section-2> but for "resources a client must stay within the bounds of".
My answer to these developer is that they are able to configure their AS with custom client metadata with defined validations executed *but since this is a re-occurring request I wonder if it would be worth to define and register a property in the resource indicators specification itself that would promote interoperability and would allow its readers to know what to look for in available client metadata.* The format can either be an array of resource values or just like with scope a space-delimited string of resource values. Best, *Filip Skokan*
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
