Hi Sawan, This sounds like it should possible; although, it's something that I've never specifically tried. The only potential gotcha is that the session token is attached to the domain passed in the callback (next) URL. When you issue a data request, the AuthSub service will look up next URL domain name associated with the token, get the X.509 certificate for that domain, and then check the signature. Therefore, you'll need to make sure that you use the private key of the X.509 certificate for www.example.com when you sign your requests (i.e. the same private key, for www.example.com, needs to be on www.example.com and www.abc.com).
If you give this a try, let us know how it goes! Paul -- You received this message because you are subscribed to the Google Groups "Google Health Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/googlehealthdevelopers?hl=en.
