Commit 67ffc6c
committed
Align Enterprise-Managed Authorization with id-jag-04
Reduce duplication by referencing draft-ietf-oauth-identity-assertion-authz-grant-04
for roles, token exchange parameters, ID-JAG claims, and processing rules,
keeping only MCP-specific constraints inline.
- Adopt 'Resource Authorization Server' terminology from id-jag §2
- Replace parameter/claim tables with section references plus MCP deltas
- Keep `resource` REQUIRED in this profile (id-jag-04 made it optional)
- Drop the restriction on `actor_token` (removed upstream in -03)
- Replace multi-tenant implementation notes with reference to id-jag §6
- Reference id-jag §5 for cross-domain client_id handling
- Add Discovery section referencing `authorization_grant_profiles_supported`1 parent 030b738 commit 67ffc6c
1 file changed
Lines changed: 38 additions & 92 deletions
0 commit comments