Done. It isn't quite what the flow shows in the earlier diagram. I was originally avoiding client type and trying to focus on section 4 options.
But this should be a better diagram. http://independentidentity.blogspot.com/2011/03/oauth-flows-extended.html Phil phil.h...@oracle.com On 2011-03-31, at 4:41 PM, Marius Scurtescu wrote: > On Wed, Mar 23, 2011 at 12:56 PM, Torsten Lodderstedt > <tors...@lodderstedt.net> wrote: >> Hi Phil, >> >> looks even better now :-) >> >> As already pointed out >> (http://www.ietf.org/mail-archive/web/oauth/current/msg05599.html), "Have >> client credentials? No" does not automatically imply usage of implicit >> grant. The client could also use the authorization code (for various >> reasons). > > +1, no client credentials does not necessarily imply the implicit grant. > > Marius _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
