typo in basic section 2.1.6.1
Issue #918
resolved
The word "form-urlencoded" in the below sentence should be removed.
"The Client authenticates itself by communicating its form-urlencoded Client Credentials in an Authorization header using the HTTP Basic method"
Comments (3)
-
-
-
assigned issue to
We will revise the text to make it consistent with the description in Core, which doesn't say things in the same way that this section in Basic does.
-
assigned issue to
-
- changed status to resolved
Fixed
#918- Wording inconsistency in Token Request language→ <<cset cdc431bea07a>>
- Log in to comment
Strange as it may seem, I believe it's correct as is.
§2.3.1 of RFC 6749 (OAuth) has:
"Clients in possession of a client password MAY use the HTTP Basic authentication scheme as defined in [RFC2617] to authenticate with the authorization server. The client identifier is encoded using the "application/x-www-form-urlencoded" encoding algorithm per Appendix B, and the encoded value is used as the username; the client password is encoded using the same algorithm and used as the password."
see http://tools.ietf.org/html/rfc6749#section-2.3.1