Hi,
I have been reviewing the last RAR draft
(https://datatracker.ietf.org/doc/html/draft-ietf-oauth-rar-23) and I was
expecting to find some references about how to use the “WWW-Authenticate”
Response Header Field defined in RFC6750
(https://datatracker.ietf.org/doc/html/rfc6750#section-3)
The thinking was generally that params of WWW-Authenticate Response Header
Field weren't a great fit for rich JSON authorization data (both in syntax
and semantics). The authorization detail types are really API-specific
things, and as a result, it's expected that the methods by which clients