This would make sense for the case where a rich client application voluntarily exchanges the username/password for a persistent token credential. Allen
John Panzer wrote: > A feature I'd also like to have as a consumer is the reverse operation > - starting with a broad scope for initial setup, then narrowing scope > before storing my secret anywhere other than local memory. > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---