2016-06-28 UTC
# ben_thatmustbeme aaronpk: oauth2 does have a header response for when a request requires a token. I agree the server needs a way to say they need a token. The token is opaque, and it is good that way. its up to the server and client to negotiate that. you don't need that in the spec because thats an implementation detail