An user has walked an app through to getting the access token/secret and has been using the app successfully then somehow loses them.
What's the recommended practice here? - nuke the old pair and reauthenticate to issue a new pair? - reauthenticate and hand out the old pair? - keep the old pair but issue a new pair? - force them to get a new API key? All have advantages and disadvantages not leats when an app embeds it's API key and then the user uses it on multiple machines. As a related problem - what's the best practice in that case? Should each instance of the app have a separate access token/secret or should they share? /Simon --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
