Alright, this all sounds good without any changes, except:
On Wed, Apr 14, 2021 at 12:18 AM Vittorio Bertocci <
vittorio.berto...@auth0.com> wrote:
>
> > (4) I presume it's important that any resouree server rejection of
> the token
> > should be constant-time. Is this somewhere in the RF
All,
Take a look at the following links for the April 19th interim
meeting minutes:
https://codimd.ietf.org/s/notes-ietf-interim-2021-oauth-06-oauth
https://datatracker.ietf.org/doc/minutes-interim-2021-oauth-06-202104191200/
Thanks to *Heather Flanagan *for taking these notes.
Regards,
Rifaat
All,
Take a look at the following links for the April 19th interim meeting
minutes:
https://codimd.ietf.org/s/notes-ietf-interim-2021-oauth-06-oauth
https://datatracker.ietf.org/doc/minutes-interim-2021-oauth-06-202104191200/
Thanks to *Heather Flanagan *for taking these notes.
Regards,
Rifaat
Hi all,
in the recent RAR session, we started a discussion about an
authorization_details token request parameter.
This parameter would allow us to solve several outstanding topics:
- Let the client determine what privileges to assign to the first access token
issued in exchange for an author