Works for me From: OAuth <[email protected]> On Behalf Of Aaron Parecki Sent: Tuesday, May 12, 2020 2:44 PM To: Phillip Hunt <[email protected]> Cc: OAuth WG <[email protected]> Subject: Re: [OAUTH-WG] Incorporate or Reference RFC8628 Device Authorization Grant?
I have a draft I'm about to publish after our recent discussions. One of the changes is adding an appendix that lists out a bunch of existing OAuth extensions, and the device grant is in there. I also replaced the "Extension Grants" example in section 4.3 (https://tools.ietf.org/html/draft-parecki-oauth-v2-1-02#section-4.3) with the device grant since that is deployed far wider than the SAML Assertion grant that was in that example in RFC6749. This will be published as version -03 in the next few days. Do you think that would be enough? Aaron Parecki On Tue, May 12, 2020 at 2:39 PM Phillip Hunt <[email protected]<mailto:[email protected]>> wrote: One of the use cases brought up in the ROPC thread mentioned that redirect was hard to do in some cases (like IoT). This reminded me of RFC8628, the OAuth Device Authorization Grant. I mention it because for *some* of the cases who say redirection is hard may be able to use the Device Authz Grant. Would it be worth including a section in OAuth 2.1 referencing RFC8628 or, possibly incorporating it? Phil Hunt @independentid [email protected]<mailto:[email protected]> _______________________________________________ OAuth mailing list [email protected]<mailto:[email protected]> https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
