If the resource server is unsuccessful in registering a permission, how does it respond to the client? #176

xmlgrrl · 2015-07-20T04:19:50Z

Core Sec 3.2 (https://docs.kantarainitiative.org/uma/rec-uma-core.html#rfc.section.3.2) describes error conditions in case there's a failure to register a requested permission propertly, but the subsections of Core Sec 3.1 (https://docs.kantarainitiative.org/uma/rec-uma-core.html#rfc.section.3.1) only describe what are effectively success-condition responses to the resource server's intermediate interaction with the authorization server.

Should the resource server return some kind of error to the client if something went wrong in the intermediate interaction?

mmachulak · 2015-07-20T21:03:08Z

Eve, I am of the opinion that there should be an error response to the client with no information of what actually happened between the RS and AS. This should be clarified in https://docs.kantarainitiative.org/uma/rec-uma-core.html#rfc.section.3.1

xmlgrrl · 2015-08-28T00:53:52Z

Proposed, discussed, and reviewed in UMA telecon 2015-08-27. We can close this, presuming Maciej has already implemented amendments made on the call.

xmlgrrl added the core Related to (original UMA1) core spec scope; may use obsolete language label Jul 20, 2015

xmlgrrl added the blocking label Jul 30, 2015

xmlgrrl added this to the V1.0.1 milestone Jul 31, 2015

xmlgrrl added the V1.0.1 label Aug 13, 2015

mmachulak added a commit that referenced this issue Aug 27, 2015

Issue #176

2378499

xmlgrrl closed this as completed Aug 28, 2015

Provide feedback