Hi,all I have always been unclear of one thing, why must let authorization server generate and issue authorization code to a client? Could not just let the user authorize the client directly by sending the client something like authorization code?
Regards~~~ -Sujing Zhou
_______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
