1. OpenID Foundation
  2. connect
Issue #512 wontfix

Standard : 2.2 : "two main paths" means other flow can be used , or not ?

hideki nara
created an issue

[[http://openid.bitbucket.org/openid-connect-standard-1_0.html#protocol_flows| Dec 22, 2011 version of Draft 07]] says about Grant flows like this:

" ......

2.2. Protocol Flows

Authorization Requests follow two main paths to obtain Access Tokens and ID Tokens, the Implicit Flow and the Authorization Code Flow. .... "

Other flows like Client Credentials flow with "[[http://self-issued.info/docs/draft-jones-oauth-jwt-bearer-02.txt | JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0]]" can be allowed or not ?

Comments (6)

  1. John Bradley

    Yes the idea is that other flows like "JSON Web Token (JWT) Bearer Token Profiles for OAuth 2.0" can be used.

    A extension document probably needs to be written for each additional flow.

  2. Michael Jones

    John will probably close this as "wontfix" pending further clarifying discussions with Hideki. We don't anticipate any spec changes resulting from this issue.

  3. Log in to comment