1. OpenID Foundation
  2. connect
  3. Issues
Issue #512 wontfix

Standard : 2.2 : "two main paths" means other flow can be used , or not ?

hideki nara
created an issue

[[http://openid.bitbucket.org/openid-connect-standard-1_0.html#protocol_flows| Dec 22, 2011 version of Draft 07]] says about Grant flows like this:

" ......

2.2. Protocol Flows

Authorization Requests follow two main paths to obtain Access Tokens and ID Tokens, the Implicit Flow and the Authorization Code Flow. .... "

Other flows like Client Credentials flow with "[[http://self-issued.info/docs/draft-jones-oauth-jwt-bearer-02.txt | JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0]]" can be allowed or not ?

Comments (6)

  1. John Bradley

    Yes the idea is that other flows like "JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0" can be used.

    A extension document probably needs to be written for each additional flow.

  2. Log in to comment