Child pages
  • Experimental AM Protocol

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. The Requester uses the OAuth token of the AM obtained above to call the AM Requester API.
  2. The AM in turn will call the Host Requester API of the Host in question
  3. The Host returns a token for accessing the protected resource to the AM
  4. The AM passes this token to the Requester
  5. The Requester now can access the protected resource on the Host.

Open Questions

  • How do the APIs look like?
  • What data needs to be presented to those APIs?
  • AM Requester API:
    • which resource on the server to access
    • later: terms?
  • Host Requester API
    • which Requester is knocking on the door?
    • for which resource?
    • later: terms? policies? (latter might be defined on the AM)