Registration - 2.1 Should mention about OAuth Bearer Authz Scheme

Issue #587 resolved
Nat Sakimura created an issue

It is probably better to add some wording around the usage of the Bearer spec to protected the registration records. It is in the top-level section 2, but it is easier to read if it were stated with the request as well.

Comments (3)

  1. John Bradley

    The bearer token access is intended for the associate and not for the other actions. It is intended to limit the generation of new client_id to registered parties, and is optional.

    So it doesn't protect the records as such.

    We can add more explanation to the request.

  2. Log in to comment