On Tue, May 31, 2011 at 12:00 PM, Doug Tangren <d.tang...@gmail.com> wrote:
> > I think there is still a usability issue with the implicit flow in general > where there is no way in the spec to obtain an access token without > re-asking the user for authorization a second time even if the user has > already authorized your client. > > I don't think there is anything in the spec (correct me if I'm wrong) saying that an AS couldn't "remember" a user's authorization for a given client using implicit so as to avoid subsequent prompts for authorization?
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
