Hi Phil,

that's a great help for anyone looking for advice on how to use OAuth.

One remark: In my opinion, the decision process for authorization code vs. implicit grant involves more parameters.

refresh token required? --> authz code
client in question is a web application? --> authz code
client in question is a JavaScript app? --> implicit grant
client authentication required? --> authz code
else --> implicit grant

regards,
Torsten.

On 22.02.2011 01:45, Phil Hunt wrote:
FYI. I published a blog post with a flow-chart explaining the legs of OAuth.
http://independentidentity.blogspot.com/2011/02/does-oauth-have-legs.html

Please let me know if any corrections should be made, or for that matter, any 
improvements!

Phil
phil.h...@oracle.com




_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth