Hi All This is Lisa. Our project is adopting OAuth 2 as authentication specification. For the client-server communication, OAuth token works fine. But we have some cases of server to server communication, usually it will be multiple tasks running in parallel or sequence or even in multiple threads. In this case, we are not sure we should reuse the access token grant by end user or create another token? Moreover, if token is expired in 30 min, we are able to do refresh but may meet some issue on the token consistency between each task, thus it might be refreshed again and again...
But with OAuth 1.0, since it will not expired and we don't have to do refresh, it will work fine. So for OAuth 2.0, what's your consideration for server to server communication scenario? Or do you have any suggestion here? Thanks. Lisa Li Principal Software Engineer Symantec Corporation Office: (010) 6272 5127 / Mobile: 189 1057 2219 lisa_...@symantec.com [cid:image002.png@01D0B31E.0A6CFD10] This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
