Authorisation vs Authorization

[JKhandelwal]

In the protocol spec BE02.md, the authorisation header is listed as: Authorisation https://github.com/CS3099JH2017/cs3099jh/blob/master/protocols/BE02.md#oauth But I believe the OAuth Standard defines the protocol to use the term: Authorization Which appears to be the accepted standard, furthermore, for anyone using Swagger Servers, the header is defined, at least in testing, as Authorization, so could the protocol potentially be changed to use the term: Authorization

[magnostherobot]

This is really something that should have been addressed before the creation of Protocol BE01, however because BE01.md's license (and, by necessity, BE02.md's too) states that functional changes are disallowed, it cannot go into either of those files. If people want to change to using the American-english spelling, it should go in a separate mini-protocol.

Ideally in my mind, systems should support both spellings - supporting both doesn't really produce ambiguity.

[JKhandelwal]

Would it be assumed that the backend groups would also be supporting both spellings then?

[magnostherobot]

I've created PR #44 for a new Protocol BE70, which enforces the support for Authorization in addition to Authorisation headers on devices that require authorisation.

Would it be assumed that the backend groups would also be supporting both spellings then?

Authorisation providers can check that an authorisation requester supports Authorization by checking for support of Protocol BE70 through use of the _supported_protocols_ endpoint. All requesters will support Authorisation.