On Thu, Jun 30, 2011 at 12:45 PM, Doug Tangren <[email protected]> wrote: > What is the current recommended practice of storing an implicit client's > access_tokens? LocalStorage, im mem and re-request auth on every browser > refresh?
Both sound reasonable. I think most important is how NOT to store it, in a cookie. Marius _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
