[Openid-specs-fapi] Issue #62: Scope is not specific enough (openid/fapi)
Nat Sakimura
issues-reply at bitbucket.org
Mon Jan 30 12:25:40 UTC 2017
New issue 62: Scope is not specific enough
https://bitbucket.org/openid/fapi/issues/62/scope-is-not-specific-enough
Nat Sakimura:
Currently, the scope states:
This document specifies the method of
* applications to obtain the OAuth tokens in an appropriately secure manner for the financial data access;
* application to utilize OpenID Connect to identify the customer;
* representing financial data in JSON format;
* using the tokens to interact with the REST endpoints that provides financial data; and
* enabling users to control the security and privacy settings.
This document is applicable to both commercial and investment banking accounts as well as insurance, and credit card accounts are to be considered.
This is applicable to the entire document set and not to this particular part, which is very confusing.
It should instead state what this part describes.
Responsible: Nat
More information about the Openid-specs-fapi
mailing list