Hi all, I just noticed that there doesn't seem to be an explicit registry of OAuth Grant Types defined anywhere, should there be such a registry kept with IANA for standardized grant types?
https://datatracker.ietf.org/doc/html/rfc6749#section-8.3 > Defining New Authorization Grant Types > New authorization grant types can be defined by assigning them a unique > absolute URI for use with the "grant_type" parameter. If the extension grant > type requires additional token endpoint parameters, they MUST be registered > in the OAuth Parameters registry as described by Section 11.2. This just says the additional parameters must be registered, but nothing about the grant type itself besides it must be an absolute URI (urn's are often used). Would it be worth defining an explicit registry with IANA as part of OAuth 2.1? Yours, Emelia Smith _______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
