<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Aptos Display";}
@font-face
{font-family:Aptos;}
@font-face
{font-family:"Amazon Ember Heavy";
panose-1:2 11 8 3 2 2 4 2 2 4;}
@font-face
{font-family:"Amazon Ember Light";
panose-1:2 11 4 3 2 2 4 2 2 4;}
@font-face
{font-family:remialcxesans;
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:template-CbyZv7ONEe6-oGBFvdGUFw;
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:zone-1;
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:zones-AQ;
panose-1:0 0 0 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:12.0pt;
font-family:"Aptos",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Aptos",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:899562564;
mso-list-template-ids:-1873130360;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:108.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:144.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:180.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:216.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:252.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:288.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:324.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="FR-CA" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-CA" style="font-size:11.0pt;mso-fareast-language:EN-US">It is a real life use case and yes it can be bound a lot of constraints other than amount.<br>
<br>
By the way it fits the API GW testing case where I check if you can POST on /loan with a body payload… before talking to the backend that could others checks.
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-CA" style="font-size:11.0pt;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Amazon Ember Heavy",sans-serif">Jean-François “<span style="color:#E97132">Jeff</span>” Lombardo</span></b><span style="font-size:11.0pt"> </span><span style="font-size:10.0pt;font-family:"Amazon Ember Light",sans-serif">|<span style="color:gray">
</span><span style="color:#E97132">Amazon Web Services<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="font-size:4.0pt;font-family:"Amazon Ember Light",sans-serif;color:gray"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Amazon Ember Light",sans-serif;color:gray">Principal Solution Architect, Security Specialist - Montréal, Canada<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt;font-family:"Amazon Ember Light",sans-serif;color:gray">Mobile: 514.778.5565<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="font-size:4.0pt;font-family:"Amazon Ember Light",sans-serif;color:gray"><o:p> </o:p></span></p>
<p class="MsoNormal"><i><span lang="EN-US" style="font-size:10.0pt;font-family:"Amazon Ember Light",sans-serif;color:gray">Thoughts on our interaction? Provide feedback
</span></i><span style="font-size:11.0pt"><a href="https://urldefense.com/v3/__https:/feedback.aws.amazon.com/?ea=jeffsec&fn=Jean*20Francois&ln=Lombardo__;JQ!!Pe07N362zA!0k9CkAV8Djpw_8EfIAKrbhP3TQrJr0oMnznlUgBJ3V3NoEk6hihx7dNHnQuejn6SSH2CP8Iow3G-tTzppHeg$"><i><span lang="EN-US" style="font-size:10.0pt;font-family:"Amazon Ember Light",sans-serif;color:#467886">here</span></i></a></span><i><span lang="EN-US" style="font-size:10.0pt;font-family:"Amazon Ember Light",sans-serif;color:gray">.<o:p></o:p></span></i></p>
</div>
<p class="MsoNormal"><span style="font-size:11.0pt;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Openid-specs-authzen <openid-specs-authzen-bounces@lists.openid.net>
<b>On Behalf Of </b>David Hyland via Openid-specs-authzen<br>
<b>Sent:</b> May 8, 2025 8:33 AM<br>
<b>To:</b> AuthZEN Working Group List <openid-specs-authzen@lists.openid.net><br>
<b>Cc:</b> David Hyland <Dave@mydigitalid.info><br>
<b>Subject:</b> RE: [EXT] [Openid-specs-authzen] A question on resource identifiers for resources that do not exist yet<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" style="border-collapse:collapse">
<tbody>
<tr style="height:15.25pt">
<td width="1123" valign="top" style="width:842.35pt;border:solid #ED7D31 1.5pt;padding:0cm 5.4pt 0cm 5.4pt;height:15.25pt">
<p><strong><span style="font-family:"Aptos",sans-serif;color:black;background:#FFFF99">CAUTION</span></strong><span style="color:black;background:#FFFF99">: This email originated from outside of the organization. Do not click links or open attachments unless
you can confirm the sender and know the content is safe.</span><o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" style="border-collapse:collapse">
<tbody>
<tr style="height:15.25pt">
<td width="1123" valign="top" style="width:842.35pt;border:solid #ED7D31 1.5pt;padding:0cm 5.4pt 0cm 5.4pt;height:15.25pt">
<p><strong><span style="font-family:"Aptos",sans-serif;color:black;background:#FFFF99">AVERTISSEMENT</span></strong><span style="color:black;background:#FFFF99">: Ce courrier électronique provient d’un expéditeur externe. Ne cliquez sur aucun lien et n’ouvrez
aucune pièce jointe si vous ne pouvez pas confirmer l’identité de l’expéditeur et si vous n’êtes pas certain que le contenu ne présente aucun risque.</span><o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<div>
<p class="MsoNormal">You do have a resource ID - it’s the product id. The amount may be a condition of the product type - determined by the product id. But I really don’t think it this would actually be a real life check as there would be a pile of other criteria
including the customer, term and other loan optionality that would be customer based.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">dh<o:p></o:p></p>
</div>
</div>
<div id="ms-outlook-mobile-body-separator-line">
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div id="ms-outlook-mobile-signature">
<p class="MsoNormal">Get <a href="https://aka.ms/o0ukef">Outlook for iOS</a><o:p></o:p></p>
</div>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="2" width="98%" align="center">
</div>
<div id="divRplyFwdMsg">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black"> Openid-specs-authzen <<a href="mailto:openid-specs-authzen-bounces@lists.openid.net">openid-specs-authzen-bounces@lists.openid.net</a>>
on behalf of Allan via Openid-specs-authzen <<a href="mailto:openid-specs-authzen@lists.openid.net">openid-specs-authzen@lists.openid.net</a>><br>
<b>Sent:</b> Thursday, May 8, 2025 2:13:34 PM<br>
<b>To:</b> AuthZEN Working Group List <<a href="mailto:openid-specs-authzen@lists.openid.net">openid-specs-authzen@lists.openid.net</a>><br>
<b>Cc:</b> Allan <<a href="mailto:allan@macguru.com">allan@macguru.com</a>><br>
<b>Subject:</b> Re: [Openid-specs-authzen] A question on resource identifiers for resources that do not exist yet</span>
<o:p></o:p></p>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><img border="0" width="1" height="1" style="width:.0083in;height:.0083in" id="_x0000_i1033" src="https://receipts.canarymail.io/track/AE980BFE3A76DE71B7ADC1325DB56676_9AC0E9560293D7A3C0A577D5BE44B398.png"><o:p></o:p></p>
<div id="x_CanaryBody">
<div>
<p class="MsoNormal">well it does bring up the rather interesting case of create <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"> create doesn't have. resource ID<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">allan<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
<div id="x_CanarySig">
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Helvetica",sans-serif">--<br>
Sent from <a href="https://canarymail.io">Canary</a><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt" id="x_CanaryBlockquote">
<div>
<div>
<p class="MsoNormal">On Thursday, May 08, 2025 at 12:58, Andres Aguiar via Openid-specs-authzen <<a href="mailto:openid-specs-authzen@lists.openid.net">openid-specs-authzen@lists.openid.net</a>> wrote:<o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal">Couldn't the resource be a higher level entity? e.g. the Region? the customer? the bank branch? If it's B2B, the organization?
<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">On Thu, May 8, 2025 at 7:46<span style="font-family:"Arial",sans-serif"> </span>AM Andrew Clymer via Openid-specs-authzen <<a href="mailto:openid-specs-authzen@lists.openid.net">openid-specs-authzen@lists.openid.net</a>> wrote:<o:p></o:p></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<div>
<div>
<p><strong><span style="font-family:"Aptos",sans-serif">This message originated outside your organization.</span></strong><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="2" width="100%" align="center">
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Aptos Display",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Aptos Display",sans-serif;color:black">Sounds to me that resource Id shouldn't be mandatory, or that the resource Id is for the collection of loans. Passing a resource ID of 0 works, but that just feels like a
magic value.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Aptos Display",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Aptos Display",sans-serif;color:black">Andy<o:p></o:p></span></p>
</div>
<div>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%;border-collapse:collapse">
<tbody>
<tr>
<td style="padding:0cm 0cm 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" style="background:white;border-collapse:collapse">
<tbody>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%;border-collapse:collapse">
<tbody>
<tr>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><a href="https://urldefense.com/v3/__https:/registry.blockmarktech.com/certificates/53f9a3ba-4ba6-4879-8b4d-5f5d3a413118/__;!!PwKahg!_oZpQyjahZpIjImVt2l6ty3_-UC8PNZSaGZmAWvERr278XS6PPKI2I3Gi8NZ16drBnWdfG3cu4SLh1nKc-3u8iaYU7jmzeCjzA$" target="_blank"><span style="font-size:1.0pt;text-decoration:none"><img border="0" width="100" height="100" style="width:1.0416in;height:1.0416in" id="Picture_x0020_2" src="cid:image001.png@01DBC00B.917F1680"></span></a><span style="font-size:1.0pt"><o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" style="border-collapse:collapse">
<tbody>
<tr>
<td valign="top" style="border:none;border-right:solid #000001 3.0pt;padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal"><span style="font-size:1.0pt"><img border="0" width="85" height="124" style="width:.8833in;height:1.2916in" id="Picture_x0020_1" src="cid:image002.png@01DBC00B.917F1680"></span><span style="font-size:1.0pt"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</td>
<td valign="top" style="padding:0cm 0cm 0cm 0cm">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%;border-collapse:collapse">
<tbody>
<tr>
<td valign="top" style="padding:5.25pt 0cm 0cm 5.25pt">
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%;border-collapse:collapse">
<tbody>
<tr>
<td style="padding:0cm 0cm 0cm 0cm">
<p class="MsoNormal" style="text-align:justify;line-height:10.5pt"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#000001"><br>
We are the first IdentityServer partner to become a Certified B Corporation™.<br>
Head to our </span><u><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#3A13CD"><a href="https://urldefense.com/v3/__https:/www.rocksolidknowledge.com/mission-statement__;!!PwKahg!_oZpQyjahZpIjImVt2l6ty3_-UC8PNZSaGZmAWvERr278XS6PPKI2I3Gi8NZ16drBnWdfG3cu4SLh1nKc-3u8iaYU7jhI1Aj0A$" target="_blank" title="https://www.rocksolidknowledge.com/mission-statement"><span style="color:#3A13CD;text-decoration:none">mission
</span></a><a href="https://urldefense.com/v3/__https:/www.rocksolidknowledge.com/mission-statement__;!!PwKahg!_oZpQyjahZpIjImVt2l6ty3_-UC8PNZSaGZmAWvERr278XS6PPKI2I3Gi8NZ16drBnWdfG3cu4SLh1nKc-3u8iaYU7jhI1Aj0A$" target="_blank" title="https://www.rocksolidknowledge.com/mission-statement"><span style="color:#3A13CD;text-decoration:none">sta</span></a><a href="https://urldefense.com/v3/__https:/www.rocksolidknowledge.com/mission-statement__;!!PwKahg!_oZpQyjahZpIjImVt2l6ty3_-UC8PNZSaGZmAWvERr278XS6PPKI2I3Gi8NZ16drBnWdfG3cu4SLh1nKc-3u8iaYU7jhI1Aj0A$" target="_blank" title="https://www.rocksolidknowledge.com/mission-statement"><span style="color:#3A13CD;text-decoration:none">tement</span></a></span></u><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#000001"> to
read more about the ways we’re using business as a force for good.<br>
<br>
Rock Solid Knowledge Ltd is a company registered in England and Wales under number 6811209.<br>
Registered office: C2, Vantage Office Park, Old Gloucester Road, Bristol, BS16 1GW, United Kingdom<br>
Vat registered: GB948 1966 72</span><span style="font-size:8.0pt;font-family:"Calibri",sans-serif;color:#000001"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span style="font-size:1.0pt;font-family:"remialcxesans",serif"> </span><span style="font-size:1.0pt;font-family:"template-CbyZv7ONEe6-oGBFvdGUFw",serif"> </span><span style="font-size:1.0pt;font-family:"zone-1",serif"> </span><span style="font-size:1.0pt;font-family:"zones-AQ",serif"> </span><span style="font-size:1.0pt"><o:p></o:p></span></p>
</div>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="2" width="98%" align="center">
</div>
<div id="x_m_7355996677732884344divRplyFwdMsg">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black"> Openid-specs-authzen <<a href="mailto:openid-specs-authzen-bounces@lists.openid.net" target="_blank">openid-specs-authzen-bounces@lists.openid.net</a>>
on behalf of Allan via Openid-specs-authzen <<a href="mailto:openid-specs-authzen@lists.openid.net" target="_blank">openid-specs-authzen@lists.openid.net</a>><br>
<b>Sent:</b> 08 May 2025 11:40<br>
<b>To:</b> AuthZEN Working Group List <<a href="mailto:openid-specs-authzen@lists.openid.net" target="_blank">openid-specs-authzen@lists.openid.net</a>><br>
<b>Cc:</b> Allan <<a href="mailto:allan@macguru.com" target="_blank">allan@macguru.com</a>><br>
<b>Subject:</b> Re: [Openid-specs-authzen] A question on resource identifiers for resources that do not exist yet</span>
<o:p></o:p></p>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><o:p></o:p></p>
<div id="x_m_7355996677732884344x_">
<div>
<p class="MsoNormal">hmmm<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">surely customer is part of the resource? and a create can simply use a resource ID of 0 or -1. or null<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">allan<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
<div id="x_m_7355996677732884344x_">
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Helvetica",sans-serif">--<br>
Sent from <a href="https://urldefense.com/v3/__https:/canarymail.io__;!!PwKahg!_oZpQyjahZpIjImVt2l6ty3_-UC8PNZSaGZmAWvERr278XS6PPKI2I3Gi8NZ16drBnWdfG3cu4SLh1nKc-3u8iaYU7iALaQ4yQ$" target="_blank">
Canary</a><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt" id="x_m_7355996677732884344x_">
<div>
<div>
<p class="MsoNormal">On Thursday, May 08, 2025 at 12:34, David Brossard via Openid-specs-authzen <<a href="mailto:openid-specs-authzen@lists.openid.net" target="_blank">openid-specs-authzen@lists.openid.net</a>> wrote:<o:p></o:p></p>
</div>
<div>
<div>
<div>
<p class="MsoNormal">Hi all,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Interesting use case from EIC: I want to write a policy that determines how a loan-to-be can be created.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Managers can create a loan for a customer in their region up to their max allowed amount for the employee (and/or customer).<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">The request would then be:<o:p></o:p></p>
</div>
<div>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo1">
Can Alice the employee create loan with amount 1234?<o:p></o:p></li></ul>
<p class="MsoNormal">In this type of request, because the loan hasn't been created we do not have a loan ID or resource ID. But, because AuthZEN makes the resource ID mandatory in the evaluation API, what approach do we want to recommend?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">David <o:p></o:p></p>
</div>
</div>
<p class="MsoNormal">-- <br>
Openid-specs-authzen mailing list <br>
<a href="mailto:Openid-specs-authzen@lists.openid.net" target="_blank">Openid-specs-authzen@lists.openid.net</a>
<br>
<a href="https://urldefense.com/v3/__https:/lists.openid.net/mailman/listinfo/openid-specs-authzen__;!!PwKahg!_oZpQyjahZpIjImVt2l6ty3_-UC8PNZSaGZmAWvERr278XS6PPKI2I3Gi8NZ16drBnWdfG3cu4SLh1nKc-3u8iaYU7gKBSldXg$" target="_blank">https://lists.openid.net/mailman/listinfo/openid-specs-authzen</a>
<o:p></o:p></p>
</div>
</div>
</blockquote>
</div>
</div>
<p class="MsoNormal">-- <br>
Openid-specs-authzen mailing list<br>
<a href="mailto:Openid-specs-authzen@lists.openid.net" target="_blank">Openid-specs-authzen@lists.openid.net</a><br>
<a href="https://lists.openid.net/mailman/listinfo/openid-specs-authzen" target="_blank">https://lists.openid.net/mailman/listinfo/openid-specs-authzen</a><o:p></o:p></p>
</div>
</blockquote>
</div>
<p class="MsoNormal">-- <br>
Openid-specs-authzen mailing list <br>
<a href="mailto:Openid-specs-authzen@lists.openid.net">Openid-specs-authzen@lists.openid.net</a>
<br>
<a href="https://lists.openid.net/mailman/listinfo/openid-specs-authzen">https://lists.openid.net/mailman/listinfo/openid-specs-authzen</a>
<o:p></o:p></p>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</div>
</body>
</html>