[Openid-specs-ab] Additional issues with redirect

John Bradley ve7jtb at ve7jtb.com
Sat May 19 18:50:51 UTC 2012


Yes but there appears to be room for differing implementations with the OAuth Spec.

I would prefer for the Connect Spec to clarify it for interoperability.

John B.
On 2012-05-19, at 2:36 PM, Roland Hedberg wrote:

> 
> 19 maj 2012 kl. 14:49 skrev John Bradley:
> 
>> So to build a flow chart.
>> 
>> So if the client registers only one redirect URI do they need to send it in the request?
> 
> I would say no!
> 
>> If they don't need to send it in the authz request, do they need to send it to the token endpoint?
> 
> Again no !
> 
>> My reading of OAuth is that that is not required in the single registered redirect case.
> 
> 
> Mine too.
> 
> -- Roland
> ------------------------------------------------------
> Roland Hedberg
> IT Architect/Senior Researcher
> ICT Services and System Development (ITS) 
> Umeå University 
> SE-901 87 Umeå, Sweden	
> Phone +46 90 786 68 44
> Mobile +46 70 696 68 44 
> www.its.umu.se 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4937 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20120519/78ee73e9/attachment.p7s>


More information about the Openid-specs-ab mailing list