Am 16.09.2010 um 05:53 schrieb Andrew Arnott :
> The user agent flow works for native apps that can host a web browser. It
> works pretty well in my experience.
>
Would like to see support for refresh tokens in this flow?
> Secrets on native apps are good! The key is (no pun intended) that the
The user agent flow works for native apps that can host a web browser. It
works pretty well in my experience.
Secrets on native apps are good! The key is (no pun intended) that the
secret *not ship with the app*. Each client should register for its own
client_id and secret when it is installed
I don't see why would you use the user-agent flow with a native
application? Maybe the spec should suggest only the web server flow.
The device flow would also work, but that's not part of the core spec.
Marius
On Wed, Sep 15, 2010 at 2:47 PM, Torsten Lodderstedt
wrote:
> I'm wondering whethe
I'm wondering whether it makes sense to allow for the issuance of
refresh tokens by the user-agent flow.
Background of my considerations is the development of applications on
mobile devices (apps :-)). The draft suggests to either use the web
server or the user agent flow for the integration
Hi Torsten
Yes, I can contribute. Will email you directly to follow up
Regards
Mark McGloin
Torsten Lodderstedt
14/09/2010 17:01
I plan to work on that aspect. Do you (or someone else) want to contribute?
regards,
Torsten.
Am 14.09.2010 um 17:18 schrieb Mark Mcgloin :
> What about Secur
