openid / connect / issues / #135 - Standard - 6.1 UserInfo text clarification on the use of access_token — Bitbucket

Issue #135 resolved

Nat Sakimura created an issue 2011-09-29

Standard currently says in the access_token description in 6.1: “If the client is using the HTTP GET method, it SHOULD send the access token in the authorization header.” I would add to this: “The access_token MAY alternatively be sent in the message body, as described in the OAuth.2.0.Bearer specification.”

Comments (1)

Michael Jones
- changed status to resolved
Consolidated changes through 29-Sep-11 for SVN checking and specs release. Fix ~~#135~~, clarifying that the access_token MAY be sent in the message body.

→ c6a7ba29d135
- 2011-10-01T01:46:55+00:00
Log in to comment

Assignee: Edmund Jay

Type: enhancement

Priority: major

Status: resolved

Component: –

Milestone: –

Version: –

Votes: 0

Watchers: 0

Jira: the preferred issue tracker for Bitbucket. Join the team!