And who is the AS?
On Mon, Jul 23, 2018 at 12:50 PM, Torsten Lodderstedt <
tors...@lodderstedt.net> wrote:
>
> Am 23.07.2018 um 13:58 schrieb Dick Hardt :
>
> In your examples, are these the same AS?
>
>
> yes
>
>
>
>
> On Mon, Jul 23, 2018 at 3:42 AM Torsten Lodderstedt <
>
My sense is that there's enough WG support to keep the multiple "resource"
parameters at both endpoints. The contextual meaning might be a bit
different at each endpoint - as you point out the refresh token may
represent the overall grant whereas the token request may issue an access
token
> Am 23.07.2018 um 13:58 schrieb Dick Hardt :
>
> In your examples, are these the same AS?
yes
>
>
>
>> On Mon, Jul 23, 2018 at 3:42 AM Torsten Lodderstedt
>> wrote:
>> Hi Dick,
>>
>> > Am 23.07.2018 um 00:52 schrieb Dick Hardt :
>> >
>> > Entering in an email address that resolves to a
The IESG has received a request from the Web Authorization Protocol WG
(oauth) to consider the following document: - 'OAuth 2.0 Token Exchange'
as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive
In your examples, are these the same AS?
On Mon, Jul 23, 2018 at 3:42 AM Torsten Lodderstedt
wrote:
> Hi Dick,
>
> > Am 23.07.2018 um 00:52 schrieb Dick Hardt :
> >
> > Entering in an email address that resolves to a resource makes sense. It
> would seem that even if this was email, calendar
Hi Dick,
> Am 23.07.2018 um 00:52 schrieb Dick Hardt :
>
> Entering in an email address that resolves to a resource makes sense. It
> would seem that even if this was email, calendar etc. -- that those would be
> different scopes for the same AS, not even different resources. That is how
>