-
assigned issue to
- changed status to open
Basic - 3.2.2 authorization URL construction
Issue #67
resolved
Section 3.2.2 refers to clients "having constructed the URL". It should clarify: - which URL it is talking about - what "construction" it refers to (serialization described in the previous section?)
It should not be implied that a URL is "constructed" if a POST is used, as allowed in the previous section.
Comments (3)
-
-
Currently, it is
3.2.2. Client Sends a Request to the Authorization Server Having constructed the URL, the client sends the End-User to the HTTPS End-User Authorization Endpoint using the URL. This MAY happen via HTTPS redirect, hyperlinking, or any other secure means of directing the User-Agent to the URL through Indirect Communication.
Change it to
3.2.2. Client Sends a Request to the Authorization Server Having constructed the Authorization Request, the client sends it to the Authorization Endpoint. This MAY happen via HTTPS redirect, hyperlinking, or any other secure means of directing the User-Agent to the URL.
-
- changed status to resolved
fixes
#67 - Log in to comment