You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This issue can be addressed by removing the specific OAUTH features mentioned by the Foundation API spec and leave a generic requirement for the server to provide OAUTH certified implementations that require features supported by well-established and supported libraries available for clients to integrate.
Pasi raised a concerns that for clients this still leaves a risk that servers might diverge in their OAUTH requirements creating a difficulty for clients to have a single, standard authentication flow supported by all servers.
See https://oauth.net/2/pkce/
The text was updated successfully, but these errors were encountered: