In Alexa, we are coming across scenarios where both parties are both a
resource and an authorization server, and each of them requires an access
token for the other.
Is anyone else interested in such scenarios and would like to get together
informally in Prague this week?
/Dick
_
Could some more guidance be provided around how to use the explicit typing
with nested JWTs?
I'd imagine that the "typ" header should be in the header of the JWT that
is integrity protected by the issuer?
On Tue, Jul 4, 2017 at 9:58 PM, Phil Hunt (IDM)
wrote:
> +1
>
> Thanks Mike.
>
> Phil
>
>
Good point. I’d had that thought as well at one point but failed to express it
in the draft. Will do.
-- Mike
From: Brian Campbell [mailto:bcampb...@pingidentity.com]
Sent: Monday, July 17, 2017 11:53 AM
To: Phil Hunt (IDM)
Cc: Mike Jones