> On Sep 27, 2023, at 1:18 PM, Atul Tulshibagwale wrote:
> Now if MyCrazyLottery's OPRM says it needs "super admin privileges to your
> Apple account", the resulting consent dialog from Google is going to say
> "Apple is requesting super admin privileges to your Apple account". This
>
BTW I'm trying to conjure a scenario where there is a system level request
from the app that results in the consent being asked by Apple, and not
directly by the app acting as an OAuth client.
On Wed, Sep 27, 2023 at 12:18 PM Atul Tulshibagwale wrote:
> The scenario I am concerned about is: Say
The scenario I am concerned about is: Say a user is using a trusted client
(e.g. my Apple Mac )
and has a trusted authorization server (e.g. Google ). But a
relatively untrusted app (e.g. MyCrazyLottery) on the device the user is
accessing a resource (e.g. MyCrazyLottery). Now if MyCrazyLottery's
