Two answers: (1) For interactions mediated through your container page to your own server via XHR, you can use your own auth mechanisms (cookies or extra headers for example). This should cover most use cases.
(2) We're not expecting the rest of the world to implement the server side of AuthSub. We'd like to use an open standard for this, and we're looking hard at OAuth (http://oauth.net) for this purpose. If this happens of course we'd accept OAuth credentials as well as AuthSub in our own REST API. Feedback is welcomed! -John On 11/2/07, Al <[EMAIL PROTECTED]> wrote: > > > Looking at the REST API It seems to indicate using Google AuthSub > etc.. > > If one was to implement a full container API (including REST) would we > still be expected to use Google AuthSub or can we solely use our own > Authentications. I just need to clarify this part of the API. > > regards > Al > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OpenSocial Container Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-container?hl=en -~----------~----~----~----~------~----~------~--~---
