Okay, I'm going to commit the modified interface for SecurityToken.
This means that implementers will need to either default to a
container value or round-trip container information in the security
token (see examples).
On Jan 23, 2009, at 3:03 PM, Brian Eaton wrote:
Anyone know if the 'domain' of a security token would suffice as
the container value?
It doesn't. The domain is used for outbound signed fetch calls as the
oauth_consumer_key value. Multiple containers might use the same
consumer key. (For example, sandbox vs prod.)
