Re: [OAUTH-WG] JWT Token on-behalf of Use case

That's what https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-01 is about. Cheers, -- Mike From: OAuth [mailto:oauth-boun...@ietf.org] On Behalf Of Vivek Bisw

[OAUTH-WG] JWT Token on-behalf of Use case

Hi All, I am looking to solve a use-case similar to WS-Security On-Behalf-Of with OAuth JWT Token. Is there a standard claim which we can define within the OAuth JWT which denot

Re: [OAUTH-WG] Same Origin Method Execution (SOME)

hi John On Jun 25, 2015, at 1:42 AM, John Bradley mailto:ve7...@ve7jtb.com>> wrote: Thanks for the info, As I read it, this is an attack on Java Script callbacks. The information tying it to OAuth is not clear. Is the issue relating to JS people using the implicit flow and the JS loaded from