me case when a protected resource needs the rich authorization?
>
>
>
> Best regards.
>
>
>
> *From: *OAuth on behalf of Brian Campbell
>
> *Date: *Thursday, 25 May 2023 at 21:30
> *To: *"Oliva Fernandez, Jorge" 40santander.co...@dmarc.ietf.org>
> *Cc
, is not exactly the same case when a protected resource
needs the rich authorization?
Best regards.
From: OAuth on behalf of Brian Campbell
Date: Thursday, 25 May 2023 at 21:30
To: "Oliva Fernandez, Jorge"
Cc: "oauth@ietf.org"
Subject: [EXT]Re: [OAUTH-WG] draft-ietf-oauth-rar use
The thinking was generally that params of WWW-Authenticate Response Header
Field weren't a great fit for rich JSON authorization data (both in syntax
and semantics). The authorization detail types are really API-specific
things, and as a result, it's expected that the methods by which clients
Hi,
I have been reviewing the last RAR draft
(https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar-23) and I was
expecting to find some references about how to use the “WWW-Authenticate”
Response Header Field defined in RFC6750
(https://datatracker.ietf.org/doc/html/rfc6750#section-3)