--- On Wed, 1/5/11, Marius Scurtescu <mscurte...@google.com> wrote: > > This seems to be saying that the user's machine has a Web > > server running on it which is reachable from the Internet by > > sending an http request to the redirection URI. That's > > unrealistic because the user's machine won't typically have > > a permanent IP address reachable from the internet. > > For custom schemes you don't need a local web server. > > You can also use a local web server, no routable/permanent IP is > needed. The authorization server can redirect to localhost perfectly > fine.
Ah, ok. I'm not familiar with custom schemes, but I do understand that you can redirect to localhost. Thanks for the explanation. Francisco
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth