I had a question on OAuth version 1.0a that I’m hoping you could help
me find an answer to:
It looks like to me that in the spec there is no requirement for some
affinity between the Consumer Key/Consumer Secret, and the Access
token.
So here’s the scenario: for some services, Consumer may choose
On 1 February 2010 19:58, Onmyouji wrote:
> It looks like to me that in the spec there is no requirement for some
> affinity between the Consumer Key/Consumer Secret, and the Access
> token.
>
> Is this something that is considered out of scope?
You're right, there's no spec-mandated affinity. Ho
Blaine,
Could you briefly describe what those cases are? I'm imagining
something where you have one box that does the OAuth stuff and a
separate one that actually accesses the resources; is that on the
right track?
--Richard
On Tue, Feb 2, 2010 at 6:42 AM, Blaine Cook wrote:
> On 1 February
You could imagine the use case of a licensing server sitting separate
from the service provider that validates whether someone has the
proper rights to view certain content.
That's one possibility...
Sent from my iPhone 2G
On Feb 2, 2010, at 9:44 AM, Richard Barnes
wrote:
Blaine,
Cou
Ah, so there's use cases on both the consumer and the SP side. That's
worth noting, thanks!
--Richard
On Tue, Feb 2, 2010 at 3:53 PM, Chris Messina wrote:
> You could imagine the use case of a licensing server sitting separate from
> the service provider that validates whether someone has the