Arne (or anyone), Can you confirm for me that the only authentication method provided by OpenSocial is the one I quoted in my first post above?
In particular, I'm thinking of getting information in a Flash object securely to my server. I gather the way to do this is to have the Flash object pass information to the JavaScript on the client, which then invokes makeRequest as described? The reason I ask is that I know Facebook will automatically pass signature information to the Flash object, which can be relayed directly from the Flash object to the server. Since only Facebook and the server know a secret key for the application, the current user's ID can be verified. Just wondered if there was anything similar in OpenSocial. I understand that parameters other than those provided by the container (such as user-id etc) are not protected from tampering. I'm just looking at options for the architecture. Thanks, DB --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to opensocial-api@googlegroups.com To unsubscribe from this group, send email to opensocial-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~----------~----~----~----~------~----~------~--~---
