...
requesting party: A web user, or a corporation (or other legal person), that uses a requester to seek access to a protected resource.
Requirements
Requirements for the resource owner
- The resource owner MUST be able to choose a different AM for each Host
- (The resource owner MUST be able to choose a different AM for each protected resource)
Requirements for the protected resource
Overview
The protocol is divided into three parts:
- The introduction of the Host and Authorization Manager
- The retrieval of an Access Token for a Host by a Requester
- The access to the Protected Resource on the Host by the Requester
The first step is only needed once per Host and Authorization Manager. In this step the resource owner decides which AM is handling access to the protected resource on that Host. The resource owner can either choose
The Resource Owner which has a protected resource on Host decides that the access to this resource is being managed by the AM he chooses.
Step 1: Introduction of Host and AM
...