What is the recommended practice for storing access tokens for clients of the implicit flow. You don't really want to store it in a cookie because it will be send with every request to the server. There is html local storage but I don't know how sandboxed that is from other scripts on a given page.
-Doug Tangren http://lessis.me
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth