Re: [twitter-dev] Single sign-on - One oauth for a mash-up

2010-02-28 Thread Abraham Williams
Have a look at the OAuth Echo proposal:
http://mehack.com/oauth-echo-delegation-in-identity-verificatio

Abraham

On Sun, Feb 28, 2010 at 10:59, Swan wrote:

> Scenario
>  - TwitterAppA has an OAuth
>  - TwitterAppA has as part of its functions an embed from TwitterAppB
> which also uses Twitter OAuth
>
> The goal is for users to be able to oauth with TwitterAppA and then be
> recognized automatically as the same user by the embed of
> TwitterAppB.  Without this the user gets quite confused as they don't
> understand why they have to log in multiple times on one site.
>
> Allowing for that functionality would allow all the TwitterApps to
> begin working in concert to meet user needs which makes the whole
> community far more effective.
>
> I realize though that it does open the door for some security
> problems.  However, it seems that Twitter could maintain a graph of
> which apps were embedding which other apps in order to allow a trusted
> relationship model.
>



-- 
Abraham Williams | Community Advocate | http://abrah.am
Project | Out Loud | http://outloud.labs.poseurtech.com
This email is: [ ] shareable [x] ask first [ ] private.


[twitter-dev] Single sign-on - One oauth for a mash-up

2010-02-28 Thread Swan
Scenario
 - TwitterAppA has an OAuth
 - TwitterAppA has as part of its functions an embed from TwitterAppB
which also uses Twitter OAuth

The goal is for users to be able to oauth with TwitterAppA and then be
recognized automatically as the same user by the embed of
TwitterAppB.  Without this the user gets quite confused as they don't
understand why they have to log in multiple times on one site.

Allowing for that functionality would allow all the TwitterApps to
begin working in concert to meet user needs which makes the whole
community far more effective.

I realize though that it does open the door for some security
problems.  However, it seems that Twitter could maintain a graph of
which apps were embedding which other apps in order to allow a trusted
relationship model.