Some more info on OAuth 2.1 from the
OAuth 2.1: How many RFCs does it take to change a light bulb?
Fri, Dec 13, 2019 10:29am -08:00
Frank Pientka ☁️
Amine El Haimer
🇨🇦 Mark Drummond 🌐
🏔 🅲🅲🆄🅽🅴 🌊
Have you written a
to this? Let me know the URL:
implicit is good to go ..query on password - If password flow is deprecated then how we achieve those use cases which this was addressing..like migration of legacy clients..which flow we can use for those use cases
Thu, Feb 20, 2020 10:00pm +00:00
They are here!
Tho I suppose I should email that to the list as well.
Sun, Dec 15, 2019 4:12pm +00:00
How are the new OAuth2 things going to impact IndieAuth if at all?
Sun, Dec 15, 2019 5:50am -08:00
@aaronpk can you please publish your notes from the informal meeting?
Sun, Dec 15, 2019 8:50am +00:00
Also potential, a potential working group in this case! Right now it's just a mailing list.
Sat, Dec 14, 2019 9:25pm +00:00
I can get it changed to say "a potential 2.1". What's the right term for the TX Auth group right now then?
Sat, Dec 14, 2019 9:24pm +00:00
This is misleading. The OAuth WG did not yet agree to do a 2.1 revision, and there's not yet a TxAuth working group. I want both of those things but it's not reality quite yet.
Sat, Dec 14, 2019 9:06pm +00:00
OAuth's implicit flow was created before browsers supported CORS. Let's deprecate it! Auth code flow + PKCE is the future. Cheers to
Fri, Dec 13, 2019 7:04pm +00:00