[Openid-specs-ab] HAL enhanced OAuth 2.0 response – Making OAuth 2.0 slightly more RESTful

Torsten Lodderstedt torsten at lodderstedt.net
Sat Sep 1 08:03:51 UTC 2012


Hi Nat,

regarding "You no longer need to know the protected resource endpoint 
URLs (e.g.,userinfo endpoint) in advance from discovery."

Depends on the process you have in mind and the particular resource. If 
you do user based discovery, you are right. If the starting point of the 
whole process is the resource URL (my photo site), this resource is the 
starting point for discovery.

regards,
Torsten.

Am 29.08.2012 05:54, schrieb Nat Sakimura:
> I created a new blog post: HAL enhanced OAuth 2.0 response – Making
> OAuth 2.0 slightly more RESTful
> http://nat.sakimura.org/2012/08/29/hal-enhanced-oauth-2-0-response/
>
> Food for your thought.
>



More information about the Openid-specs-ab mailing list