Thank you for your reply. We've indeed decided to go with the
authorization flow like you suggested, because:
- the client credentials flow would require a timeout for user
registration (to handle idle users)
However, it seems that you might as well use the authorization flow in
that case,
27;ll be bringing it back up again in
the next couple of days then you can try it our directly.
From: "Stein Desmet"
To: oauth@ietf.org
Date: 13/03/2012 01:20 AM
Subject: [OAUTH-WG] Client credentials flow vs. authorization grant flow
for native clients
Sent by:
Client credentials is not the right flow for this approach since there's a user
present at the client and they can close the loop for you. The Device Flow, if
it were to get picked up and fleshed out a bit, is a better fit for what you're
after and is made for just such a disconnected world wher
I have mistakingly asked this question on the google group on google's
Oauth2 implementation, so here it is at the correct place (I hope).
We have an authentication server/identity provider, and a number of
external web applications (ie resource servers) that make use of it.
We would like to buil
