Hello, I'm actually very curious as well about this and the reasons for the differences between the implementation and the current draft (grant_type value, parameters, etc.).
Was this discussed somewhere already? Regards,-- Bertrand CARLIER From: OAuth <[email protected]> On Behalf Of Lee McGovern Sent: lundi 8 juillet 2019 10:25 To: [email protected] Subject: [OAUTH-WG] OBO Flow Does it appear strange that Microsoft have called their token exchange flow implementation (https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow) On-Behalf-Of flow? I was under the impression that delegation was the core use case for oauth development i.e. when Yelp wants access to your Google contacts a scope is defined and consent is granted for that client to act on your behalf... Best, Lee McGovern | IAM Architect | [email protected]<mailto:[email protected]> This e-mail, including attachments, is intended for the person(s) or company named and may contain confidential and/or legally privileged information. Unauthorized disclosure, copying or use of this information may be unlawful and is prohibited. If you are not the intended recipient, please delete this message and notify the sender. All incoming and outgoing e-mail messages are stored in the Swiss Re Electronic Message Repository. If you do not wish the retention of potentially private e-mails by Swiss Re, we strongly advise you not to use the Swiss Re e-mail account for any private, non-business related communications. The information transmitted in the present email including the attachment is intended only for the person to whom or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete all copies of the material. Ce message et toutes les pi?ces qui y sont ?ventuellement jointes sont confidentiels et transmis ? l'intention exclusive de son destinataire. Toute modification, ?dition, utilisation ou diffusion par toute personne ou entit? autre que le destinataire est interdite. Si vous avez re?u ce message par erreur, nous vous remercions de nous en informer imm?diatement et de le supprimer ainsi que les pi?ces qui y sont ?ventuellement jointes.
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
