[pending-close] Why do we need "urn:ietf:params:oauth:grant-type:pre-authorized_code"
Issue #1618
closed
Perhaps it is a duplicate of previous discussions but searching for “urn:ietf:params:oauth:grant-type:pre-authorized_code” in the issues did not deliver anything.
Why do we need a new OAuth grant type?
Why cannot we leverage existing flows like device flow or authorization code flow?
It is better if we can leverage an existing one. If not, the document should explain the rationale.
Comments (4)
-
-
- changed status to open
discussed during a connect call. and rational explained with Nat being on the call. will close if no opposition in a week.
-
- changed title to [pending-close] Why do we need "urn:ietf:params:oauth:grant-type:pre-authorized_code"
-
- changed status to closed
- Log in to comment
The rationale is explained in the pre-authorized code flow section in the Overview.
The document defines an entirely new flow where a Client takes pre-authorized code directly to the Token Endpoint to obtain an Access Token - no Authorization Endpoint involved. There was no existing grant that we could have reused?