If I'm not mistaken, OAuth requires the user to approve the authentication request in her browser, which is an interactive action.
Joseph Holsten pointed me to Appendix A of the OAuth specification for an example. In step A.3, "The Consumer redirects Jane’s browser to the Service Provider User Authorization URL to obtain Jane’s approval for accessing her private photos." Also, OAuth appears to be more about authorization (to access a remote resource) than about authentication. Is there any way to operate either OpenID or OAuth entirely non-interactively? tir, 15 07 2008 kl. 08:38 -0700, skrev Scott Kveton: > Hi Anders, > > You might want to check out OAuth ... it was developed for just such a > situation. > > - Scott > > > > > On Tue, Jul 15, 2008 at 4:20 AM, Anders Feder <[EMAIL PROTECTED]> wrote: > > Hello, > > > > There have been some discussion over the years about using OpenID for > > non-interactive logins. Can someone kindly tell me what the status is of > > this feature? In particular login from non-browser applications - is > > this currently possible (e.g. using client certificate authentication)? > > Thanks. > > > > -- > > Anders Feder <[EMAIL PROTECTED]> > > > > _______________________________________________ > > specs mailing list > > specs@openid.net > > http://openid.net/mailman/listinfo/specs > > > _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs
