On Thu, Jun 30, 2011 at 12:45 PM, Doug Tangren <d.tang...@gmail.com> wrote: > What is the current recommended practice of storing an implicit client's > access_tokens? LocalStorage, im mem and re-request auth on every browser > refresh?
Both sound reasonable. I think most important is how NOT to store it, in a cookie. Marius _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
