[Openid-specs-fapi] Issue #562: Scope needs clarification (openid/fapi)
Nat
issues-reply at bitbucket.org
Wed Dec 14 06:44:47 UTC 2022
New issue 562: Scope needs clarification
https://bitbucket.org/openid/fapi/issues/562/scope-needs-clarification
Nat Sakimura:
Current text
This document specifies the requirements for confidential Clients to securely obtain OAuth tokens from Authorization Servers and securely use those tokens to access REST APIs at Resource Servers.
This is kind of OK, but it also appears as if this document just specifies the requirements for clients, which is not the case. A large part of the document specifies the requirements for servers.
This is a non-normative editorial change but still desirable to be implemented.
More information about the Openid-specs-fapi
mailing list