> -----Original Message----- > From: Skylar Woodward [mailto:sky...@kiva.org] > Sent: Thursday, January 27, 2011 2:37 AM
> -- 3.1.1, 4.1.2, and Out-of-Band flows > > It is an important consideration for us that clients that cannot capture a > redirect from the user-agent be able to use authentication flow. In the past > this has been dubbed and Out-of-Band (OOB) flow. However, the > reorganization of the document clearly marks out both Auth and Implicit as > flows reserved for clients "capable of receiving incoming requests (via > redirection) from the authorization server." This language makes these > incompatible with OOB clients. In addition, other language inhibits this use: No, it is just guidance. As defined, these are not appropriate for OOB clients, but with minor adjustments, such as the definition of a special URN redirection URI, can be made suitable. EHL _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
