FYI, I have just posted proposed text for 'cid' in a separate thread.
Nat
On Wed, Dec 19, 2012 at 7:14 AM, John Bradley wrote:
> We probably also need to consider this in light of people like Google
> already adding new JWT claims to specify a secondary audience, though there
> 'cid' Client ID
comments inline:
On 12/18/2012 02:14 PM, John Bradley wrote:
We probably also need to consider this in light of people like Google
already adding new JWT claims to specify a secondary audience, though
there 'cid' Client ID claim is more about who requested the token.
In our implementation we
Inline...
On Tue, Dec 18, 2012 at 3:14 PM, John Bradley wrote:
> We probably also need to consider this in light of people like Google
> already adding new JWT claims to specify a secondary audience, though there
> 'cid' Client ID claim is more about who requested the token.
There is a lot of si
We probably also need to consider this in light of people like Google already
adding new JWT claims to specify a secondary audience, though there 'cid'
Client ID claim is more about who requested the token.
I am not keen on claims that are sometimes a literal and sometimes an array,
though it w
WG folks,
I'm wondering if the current definition of the "aud" (audience) claim in
JWT [1], which limits the value of the claim to a case sensitive string
containing a StringOrURI value, might not be flexible enough?
In thinking about or discussing various potential applications of JWT, the
possi