[Openid-specs-fapi] Issue #378: sharing grant_id among different clients (openid/fapi)

Takahiko Kawasaki issues-reply at bitbucket.org
Thu Feb 18 14:44:30 UTC 2021

New issue 378: sharing grant_id among different clients

Takahiko Kawasaki:

The draft dare state that `grant_id` may be shared among different clients, but I'm concerned about the idea. If it is allowed, an entity can collect a big set of permissions by releasing many client applications even if the number of permissions requested by each of the client applications may be small.

More information about the Openid-specs-fapi mailing list