Hi,
we are implementing a service that will allow users sign in using their
account on an external OAuth 2.0 provider (a certain well-known social
network). But there is a twist: my service consists of a mobile app and
a web service. The mobile app needs to authenticate its user to the app
Though not OAuth 2.0 - the scenario you're describing sounds very close to
that of an OpenSocial gadgets implementation - where by the open social
container (which would be Analogous to your App Server) can handle relaying
requests to a 3rd party API secured via OAuth - in which case it is both an
and saves the
social network access token on the server.
EHL
From: oauth-boun...@ietf.org [mailto:oauth-boun...@ietf.org] On Behalf Of Alex
Henderson
Sent: Wednesday, May 04, 2011 6:18 AM
To: Marcus Better
Cc: oauth@ietf.org
Subject: Re: [OAUTH-WG] delegated authentication with OAuth 2.0
Though
...@ietf.org] *On Behalf
Of *Alex Henderson
*Sent:* Wednesday, May 04, 2011 6:18 AM
*To:* Marcus Better
*Cc:* oauth@ietf.org
*Subject:* Re: [OAUTH-WG] delegated authentication with OAuth 2.0
Though not OAuth 2.0 - the scenario you're describing sounds very close to
that of an OpenSocial gadgets
Thank you all for your advice, that was very helpful. The general
pattern seems to be similar to what I had in mind.
It would really help to have this documented properly. I would think it
is an increasingly common scenario.
Cheers,
Marcus
___
OAuth