openid / connect / issues / #15 - Messsages - 3.3.4.2 Distributed claim without access_token

Comments (3)

Nat Sakimura reporter

assigned issue to

Nat Sakimura
changed status to open

Need to make sure that the new text below is what the WG think is right.

access_token

OPTIONAL. Access token enabling retrieval of the claims from the endpoint URL by using the OAuth 2.0 Bearer [OAuth.2.0.Bearer] scheme. Claims SHOULD be requested using the Authorization request header field and claims sources MUST support this method. If the access token is not available, clients MAY need to retrieve the access token out of band or use an a priori access token that was negotiated between the claim source and client, or the claim source MAY reauthenticate the user and/or reauthorize the client.

2011-09-06T07:16:38+00:00

hideki nara

Look clearer in Draft 04 of Messages.

2011-09-08T00:08:14+00:00

hideki nara

changed status to resolved

2011-09-08T17:36:21+00:00

Nat Sakimura reporter
- assigned issue to
  
  Nat Sakimura
- changed status to open
Need to make sure that the new text below is what the WG think is right.

access_token

OPTIONAL. Access token enabling retrieval of the claims from the endpoint URL by using the OAuth 2.0 Bearer [OAuth.2.0.Bearer] scheme. Claims SHOULD be requested using the Authorization request header field and claims sources MUST support this method. If the access token is not available, clients MAY need to retrieve the access token out of band or use an a priori access token that was negotiated between the claim source and client, or the claim source MAY reauthenticate the user and/or reauthorize the client.
- 2011-09-06T07:16:38+00:00
hideki nara
Look clearer in Draft 04 of Messages.
- 2011-09-08T00:08:14+00:00
hideki nara
- changed status to resolved
- 2011-09-08T17:36:21+00:00
Log in to comment