LinkedIn announced recently that they use OAuth2's UserAgent flow:
http://developer.linkedin.com/community/jsapi
On Tue, Oct 12, 2010 at 10:32 PM, David Recordon wrote:
> I haven't seen one. Have been trying to keep track of all the
> implementation on http://wiki.oauth.net/w/page/OAuth-2.
>
>
>
OAuth 2.0 authors or anyone with authority on the draft, would appreciate
some response to the below items.
3.5. User-Agent Flow
1. It is not clear from the draft how a user agent flow would refresh
an access token. As per section 4, client does a HTTP(S) POST to
authorization server which seems
On Wed, May 26, 2010 at 8:51 PM, Evan Gilbert wrote:
>
>
> On Tue, May 25, 2010 at 1:43 PM, Murali VP wrote:
>
>> Anyway to find out what the outcome was from the May 20th interim meeting?
>> I
>> wanted to participate but had to be at Google I/O.
>>
>>
Anyway to find out what the outcome was from the May 20th interim meeting? I
wanted to participate but had to be at Google I/O.
3.5. User-Agent Flow
1. Since the client_id is public, the only check that prevents from
any client posing as a registered client is the redirect_uri, this is
fine, exc
