Some service providers put information into the access token, such as the user identity, privileges granted etc. This can help performance and scalability.
On Mar 3, 11:42 pm, PK <pengk...@gmail.com> wrote: > "Can't the server just "upgrade" the temporary credentials to token > credentials and retain the same key and secret? > > The client can then start doing authenticated calls right away after > the recieving the callback from the server stating that the temporary > credentials has been "upgraded". -- You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oa...@googlegroups.com. To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.