Hi All, I have some confusion regarding the callback URL. When we register a consumer to the service provider, we also register the consumer's callback URL. On the other hand, in 6.1.1 (OAuth 1.1a) we (consumer) are again passing the oauth_callback to the SP.
How are these to different? If we use the 6.1.1's oauth_callback to redirect the user after authorization then what is the use of the callback URL that we gave when registering the consumer application? Also, how does oauth_callback helps avoiding the session fixation attack? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
