That’s what I thought. Thanks for the clarification. On Mon, Jan 13, 2020 at 6:20 PM Justin Richer <[email protected]> wrote:
> Multiple access tokens are outside the scope of RAR. The request is > intended to describe the access for a single returned access token. If > semantics for multiple access tokens are agreed upon, then it can use the > RAR structure, the Resources parameter, and the Scope parameter all in > parallel again. > > — Justin > > > On Jan 13, 2020, at 8:31 PM, Dick Hardt <[email protected]> wrote: > > > > Torsten / Justin / Brian > > > > In my reading of the ID, it appears that there is a request for just one > access token, and the authorization_details array lists one or more > resources that the one access token will provide access to. Correct? > > > > I have heard anecdotally that there is interest in granting access to > multiple resources, and having multiple access tokens, which would enable > different components of a client to have different access tokens. > > > > Do you consider multiple access tokens out of scope of RAR? > > > > /Dick > >
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
