Awesome, I’ll check those out. Business doesn’t understand why I can’t do this in a way that doesn’t show URL. Since it’s our app and API.
Yeah the Google case is interesting since they're doing it with their own apps!
Thu, May 4, 2017 11:22am -07:00
Have you written a
to this? Let me know the URL:
Well for first-party apps there isn't really a phishing risk, it's normal to type your password into the service's own app.
Thu, May 4, 2017 6:31pm +00:00
so some services use the password grant to exchange a un+pw for a token, and build the login interface natively.
Thu, May 4, 2017 6:32pm +00:00