Versions Compared

Old Version 8

changes.mady.by.user Former user

Saved on

compared with

New Version 9

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note
titleTODOs/Issues
  • Host and AM can both decide if they work with the other side
  • AM can refuse client id/secret. Needs error conditions
  • How can the Host trust the AM? There are trust frameworks around for that these days
  • no big difference between RRAPI to be in hostmeta or provisioned in step 2. Needs more input to get decision
  • step 2 might be a separate specification.
  • maybe in this specification the server can put in additional data specific to some namespace. Example:
    Code Block
        { 'client_id' : '72z81uhbjhssd867e',
      'client_secret' : 'test123',
      'expires_in' : 3600,
      'http://uma/am/resource_registration_uri' : 'http://....',
  • format of RRAPI (resource registration API) still open. Needs to get discussed with step 2.
  • maybe not all resources are listed (every tweet?) but maybe "tagged 'important'", "folder x" etc. How are they identified? Maybe about scopes/uri parameters?
  • should the host be able to define claims upfront?

host looks up the authorization manager metadata

...