[Openid-specs-fapi] Issue #62: Scope is not specific enough (openid/fapi)

Nat Sakimura issues-reply at bitbucket.org
Mon Jan 30 12:25:40 UTC 2017

New issue 62: Scope is not specific enough

Nat Sakimura:

Currently, the scope states: 

This document specifies the method of

* applications to obtain the OAuth tokens in an appropriately secure manner for the financial data access;
* application to utilize OpenID Connect to identify the customer;
* representing financial data in JSON format;
* using the tokens to interact with the REST endpoints that provides financial data; and
* enabling users to control the security and privacy settings.

This document is applicable to both commercial and investment banking accounts as well as insurance, and credit card accounts are to be considered.

This is applicable to the entire document set and not to this particular part, which is very confusing. 

It should instead state what this part describes.

Responsible: Nat

More information about the Openid-specs-fapi mailing list