On Wed, Jul 14, 2010 at 2:36 PM, Torsten Lodderstedt
<[email protected]> wrote:
I would also like to see support for b. In this case, additional means for
client authentication should be considered.
b is token on query string?
What's the use case for that?
Yepp. That's an optimization of use case 2. That way the authz server
does not need to store the authorization transaction's results in a
database and there is no need to perform a a second request.
regards,
Torsten.
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
