Hi Logan,
Thanks for the note.
The intent would be to present that information in the same way you would when
querying a users/, encoded in claims; hence groups would be a list of
values representing what groups the subject belongs to, rather than a list of
full group definitions (with all the
Thanks for the extra details! I published an updated draft.
Comments:
* The reason for the restructuring is the following: [..]counter-measures
are applicable to end users and clients looking at the tokens [..] The first
sentence talks about clients and end users and not just about
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.
Title : JSON Web Token (JWT) Profile for OAuth 2.0 Access
Tokens
Author : Vittorio Bertocci
Hi Hannes,
Thank you!
I am not aware of any IPR related to
https://datatracker.ietf.org/doc/draft-ietf-oauth-access-token-jwt/.
On 9/17/20, 05:48, "Hannes Tschofenig" wrote:
Hi Vittorio,
I am working on the shepherd writeup for the "JSON Web Token (JWT) Profile
for OAuth 2.0
The IESG has received a request from the Web Authorization Protocol WG
(oauth) to consider the following document: - 'The OAuth 2.0 Authorization
Framework: JWT Secured Authorization
Request (JAR)'
as Proposed Standard
This document is being brought back for a second IETF Last Call to
The -04 revision of the PAR draft has updates and edits that endeavor to
address the feedback received during the (somewhat) recently completed WGLC
process. Thanks to everyone who provided feedback and participated in the
related discussions.
-- Forwarded message -
From:
Date:
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.
Title : OAuth 2.0 Pushed Authorization Requests
Authors : Torsten Lodderstedt
