Hi folks,
I currently use a proprietary token approach to provide authentication to a
browser widget, and I wonder if OAuth could be used to replace it.
Here's how the system currently works:
- website supports authenticated users (happens via username/password form)
- website and widget pro
Couple comments on the comments inline:
On Wed, Aug 10, 2011 at 3:39 PM, Mike Jones wrote:
>
> 4.1. Using Assertions for Client Authentication: Comment on “client_id”:
> “It seems like a bad idea to have the client_id outside of the assertion.
> It’s either redundant or insecure.”
>
I tend to a
Hi Michael,
I apologize for being so slow in responding to this. I did not
receive the first message and haven't had a chance to respond to this
direct email as I've been very busy trying to get a product release
out the door. I attempt to answer the questions inline below. I'm
also cc'ing the
