AW: Answers to chat comments from Schildt Sebastian (CR/AEX1) on 2020-02-13 (public-automotive@w3.org from February 2020)

From: Schildt Sebastian (CR/AEX1) <Sebastian.Schildt@de.bosch.com>
Date: Thu, 13 Feb 2020 22:27:47 +0000
To: Ulf Bjorkengren <ulfbjorkengren@geotab.com>, Isaac Agudo Ruiz <isaac@lcc.uma.es>
CC: "Adnan.Bekan@bmwgroup.com" <Adnan.Bekan@bmwgroup.com>, public-automotive <public-automotive@w3.org>, "armin.gerl@uni-passau.de" <armin.gerl@uni-passau.de>
Message-ID: <1cee42b5e2d74bf4af5234ddf2be1a30@de.bosch.com>

Maybe I am still a little bit puzzled about A(G)T terminology, (it is getting late here) but l am quite sure I fully agree with this:

Von: Ulf Bjorkengren <ulfbjorkengren@geotab.com>

The JWT token that the AT server returns to the client, if the assessment went well, needs to contain both scope (=path), and permission, as the Gen2 server (bouncer) needs this in its assessment whether to bounce the client or not. The bouncer do not need the role information.

Received on Thursday, 13 February 2020 22:28:05 UTC