issues
search
oauth-wg
/
oauth-first-party-apps
https://datatracker.ietf.org/doc/html/draft-parecki-oauth-first-party-apps
Other
11
stars
8
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
parameters that must not be present in authorization challenge request
#113
Sakurann
opened
1 week ago
0
Change of affiliation for Pieter
#112
PieterKas
closed
1 week ago
0
Consider mentioning URL registration
#111
PieterKas
opened
3 weeks ago
0
extend the definition of first party to include strictly defined trust frameworks
#110
Sakurann
opened
2 months ago
0
why not define a new grant type for this flow (not for the different authentication factors)
#109
Sakurann
opened
2 months ago
1
REQUIRED in annex B is confusing
#108
Sakurann
opened
2 months ago
0
the usage of JWE in stateless implementations......
#107
Sakurann
opened
2 months ago
0
what drives the need for the interoperability in this specification?
#106
Sakurann
opened
2 months ago
0
For PAR, PAR endpoint should be used.
#105
Sakurann
opened
2 months ago
0
mentione negotiation of user authentication in the UX section
#104
Sakurann
opened
2 months ago
0
clarify which error codes are new and which ones are extending the existing ones
#103
Sakurann
opened
2 months ago
0
is there a reason why you use `authorization_code` and not `code` in the authorization code response?
#102
Sakurann
opened
2 months ago
0
client authentication with client_id
#101
Sakurann
opened
2 months ago
0
why define a new "auth_session" parameter?
#100
Sakurann
opened
2 months ago
0
stronger client auth at the authorization challenge endpoint needed
#99
Sakurann
opened
2 months ago
2
Make it more obvious that the rest of the back and forth can happen at proprietary endpoints
#98
aaronpk
closed
3 months ago
0
Add section with refresh token error response example
#97
aaronpk
opened
5 months ago
0
Interest and implementations
#96
aaronpk
opened
5 months ago
5
Clarify binding mechanism for DPoP
#95
PieterKas
closed
4 months ago
0
Change /authorize examples to something else
#94
timcappalli
closed
3 months ago
0
Changes to support WebAuthn Get and Create
#93
timcappalli
opened
5 months ago
1
clarify auth_session in token response
#92
aaronpk
closed
3 months ago
0
Clarified two ways in which phishing may increase
#91
PieterKas
closed
3 months ago
0
Add guidance on service providers
#90
PieterKas
opened
6 months ago
0
SMS is an abbreviation for a specific service
#89
sjjhsjjh
closed
3 months ago
0
Typos
#88
yaronf
closed
6 months ago
0
Extra reference
#87
yaronf
opened
6 months ago
0
E-mail confirmation code
#86
yaronf
closed
3 months ago
3
IANA Claims list is missing
#85
yaronf
closed
6 months ago
1
DPoP binding of auth_session
#84
yaronf
closed
5 months ago
3
Consent screen
#83
yaronf
closed
3 months ago
3
Credential stuffing
#82
yaronf
opened
6 months ago
1
Phishing: two ways?
#81
yaronf
closed
6 months ago
1
Definition of First Party Apps
#80
yaronf
opened
6 months ago
2
Should we "update" RFC6749
#79
yaronf
opened
6 months ago
2
Relationship with "Native Apps" RFC
#78
yaronf
opened
6 months ago
0
RFC 6750
#77
yaronf
closed
6 months ago
1
auth_session in a successful token response
#76
yaronf
closed
3 months ago
1
Binding to device
#75
yaronf
opened
6 months ago
1
Redirect to Web
#74
yaronf
closed
6 months ago
2
redirect_to_web error code
#73
yaronf
closed
6 months ago
0
invalid_grant error code
#72
yaronf
closed
3 months ago
0
ASCII?
#71
yaronf
opened
6 months ago
0
acr_values reference
#70
yaronf
closed
6 months ago
0
Which extensions exactly?
#69
yaronf
opened
6 months ago
0
RS Behavior
#68
yaronf
opened
6 months ago
0
Protocol overview - forward references
#67
yaronf
opened
6 months ago
0
Returning a token from the endpoint
#66
yaronf
closed
3 months ago
1
Limitations of this spec
#65
yaronf
opened
6 months ago
0
Interaction with "native SSO"
#64
yaronf
closed
3 months ago
2
Next