I believe there's a fair amount of precedent for something like it but
typically it's indicating group membership or roll(s) of a user that's
uniquely identified by other claims in a JWT. And, as far as I know,
there's nothing standardized for it so it's done more ad hoc. Thus there's
not really pr
On Sun, Jul 07, 2019 at 09:32:15AM -0400, Brian Campbell wrote:
> On Sat, Jul 6, 2019 at 2:42 PM Benjamin Kaduk wrote:
>
> >
> > > Not to my recollection. I'm honestly not even sure what an array would
> > mean
> > > for "may_act". Do you mean for "act"?
> >
> > Currently we can say that ad...@ex
On Sat, Jul 6, 2019 at 2:42 PM Benjamin Kaduk wrote:
>
> > Not to my recollection. I'm honestly not even sure what an array would
> mean
> > for "may_act". Do you mean for "act"?
>
> Currently we can say that ad...@example.com "may act" as u...@example.com..
> But IIUC we don't have a way to say
On Sat, Jul 06, 2019 at 08:59:30AM -0400, Brian Campbell wrote:
> Thanks Ben, I'll publish an -18 shortly with these suggestions. A bit more
> detail is inline below.
>
>
> On Fri, Jul 5, 2019 at 11:57 PM Benjamin Kaduk via Datatracker <
> nore...@ietf.org> wrote:
>
> >
> > -
Thanks Ben, I'll publish an -18 shortly with these suggestions. A bit more
detail is inline below.
On Fri, Jul 5, 2019 at 11:57 PM Benjamin Kaduk via Datatracker <
nore...@ietf.org> wrote:
>
> --
> COMMENT:
> ---
Benjamin Kaduk has entered the following ballot position for
draft-ietf-oauth-token-exchange-17: Yes
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to htt