[Openid-specs-ab] Additional issues with redirect
John Bradley
ve7jtb at ve7jtb.com
Sat May 19 18:50:51 UTC 2012
Yes but there appears to be room for differing implementations with the OAuth Spec.
I would prefer for the Connect Spec to clarify it for interoperability.
John B.
On 2012-05-19, at 2:36 PM, Roland Hedberg wrote:
>
> 19 maj 2012 kl. 14:49 skrev John Bradley:
>
>> So to build a flow chart.
>>
>> So if the client registers only one redirect URI do they need to send it in the request?
>
> I would say no!
>
>> If they don't need to send it in the authz request, do they need to send it to the token endpoint?
>
> Again no !
>
>> My reading of OAuth is that that is not required in the single registered redirect case.
>
>
> Mine too.
>
> -- Roland
> ------------------------------------------------------
> Roland Hedberg
> IT Architect/Senior Researcher
> ICT Services and System Development (ITS)
> Umeå University
> SE-901 87 Umeå, Sweden
> Phone +46 90 786 68 44
> Mobile +46 70 696 68 44
> www.its.umu.se
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4937 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120519/78ee73e9/attachment.p7s>
More information about the Openid-specs-ab
mailing list