- edited description
Basic - 3.2.4.1 "User Info" / access_token usage
Issue #137
resolved
In Draft 13:
" ... access_token
REQUIRED. The Access Token for the User Info Endpoint.
"
User Info Endpoint should be "UserInfo Endpoint" for the consistency in the document.
"... The client can then use the Access Token to access protected resources at Resource Servers. ..."
Access Token of Connect authz response MUST be for UserInfo Endpont. Or OP can allow the token to be used for other resources ? This description can be dropped because the "acccess_token" parameter describes its usage.
Comments (4)
-
reporter
-
-
assigned issue to
John Bradley
The OP can allow the token to be used for additional resources.
Fix wording
-
assigned issue to
-
reporter
Thank you very much for your clarification.
-
- changed status to resolved
done
- Log in to comment
