[Openid-specs-fapi] Complexity of Access Token Privileges Introduced by Grant Management
Takahiko Kawasaki
taka at authlete.com
Mon Oct 18 21:19:14 UTC 2021
Hi,
IMHO, the format of the introspection response (RFC 7662) needs to be extended
for "Grant Management for OAuth 2.0
<https://openid.net/specs/fapi-grant-management.html>". I've already
described it in FAPI Issue 455
<https://bitbucket.org/openid/fapi/issues/455/impact-of-grant_management_action-update>
but have additionally published an article to explain it a bit more deeply. It
would be greatly appreciated if you could spare the time to take a look at it for
future discussion.
*Complexity of Access Token Privileges Introduced by Grant Management*
https://darutk.medium.com/complexity-of-access-token-privileges-introduced-by-grant-management-ec527b5c6d6a
Best Regards,
Taka