Yes.
> -----Original Message----- > From: Marius Scurtescu [mailto:mscurte...@google.com] > Sent: Wednesday, February 16, 2011 10:58 AM > To: Eran Hammer-Lahav > Cc: OAuth WG > Subject: Re: [OAUTH-WG] Draft -12 feedback deadline > > On Wed, Feb 16, 2011 at 10:43 AM, Eran Hammer-Lahav > <e...@hueniverse.com> wrote: > > > > > >> -----Original Message----- > >> From: Marius Scurtescu [mailto:mscurte...@google.com] > >> Sent: Wednesday, February 16, 2011 9:05 AM > > > >> Yes, I understand. But Native Apps have no appropriate flow now, and > >> they started the whole protocol. > > > > I am not sure "they started the whole protocol" (it was more like OpenID in > Twitter API), but either way, why can't they use the implicit grant type? > That's where the specification is guiding them towards. > > That would be the old User-Agent flow? > > That's terrible for native apps, native apps need long lived credentials. > > Marius _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
