Building identity on top of OAuth 2.0?
Manger, James H
James.H.Manger at team.telstra.com
Thu May 20 02:02:46 UTC 2010
Dirk,
Dirk said (on the openid-specs at lists.openid.net list at
http://lists.openid.net/pipermail/openid-specs/2010-May/006889.html)
> or maybe we should think about a way to say
> "give me one token with this scope in it, and
> another one with those scopes in it".
Changing the access token response format to an array of blobs with token info would help here.
[
{ "access_token":"SlAV32hkKG", "sites":["https://api.example.org"] },
{ "access_token":"Id87d6dsDd", "sites":["http://elsewhere.com"] }
]
[A bit of context for those not following OpenID: one of the scopes Dirk is talking about is an OpenID Relying Party that a user is logging in to; the other is a "normal" protected resource that holds user details and anything else.]
--
James Manger