There's also a new draft, Pushed Authorization Requests, which ... • Aaron Parecki

96°F

Anders Pitman https://twitter.com/anderspitman • Jan 21
Why not open a new tab for interacting with the auth server, while simultaneously opening a back channel request in the original session? Once the user has authenticated/authorized from the new tab, the back channel request would resolve. 2/

There's also a new draft, Pushed Authorization Requests, which moves a bunch of the fragile bits out of the front channel. Similar but slightly different goal. https://tools.ietf.org/id/draft-lodderstedt-oauth-par-00.html

Portland, Oregon, USA

Tue, Jan 21, 2020 11:05am -08:00

Have you written a response to this? Let me know the URL:

Posted in /replies using quill.p3k.io