I'm not sure I understand the question. Twitter requires users to authenticate to Twitter via Twitter's website. Many OAuth service providers work this way.
HTC Friend Stream requires users to authenticate to a service provider (e.g. Facebook, Twitter or Flickr). I'm not sure whether the service provider receives the user's credentials from the user's browser, or from the consumer (which has stored credentials entered by the user). OAuth version 1 would enable the service provider to get credentials from the user's browser, and avoid storing credentials in the consumer. A service provider can authenticate consumers using http://oauth.googlecode.com/svn/spec/ext/consumer_request/1.0/drafts/2/spec.html This protocol doesn't involve users. Users don't interact with the service provider's website, and the service provider doesn't receive any information about users. -- You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/oauth?hl=en.
