[OSM-dev] oauth token lifetime
Jiri Vlasak
jiri.hubacek at gmail.com
Sat Apr 27 13:37:59 UTC 2019
On Fri, Apr 26, 2019 at 07:28:39PM +0100, Tom Hughes wrote:
> On 26/04/2019 19:06, Jiri Vlasak wrote:
> > This approach is similar to one used by HOT Tasking Manager [1]. In my "oauth
> > settings" section I have many many "Tasking Manager 3 - Prod" tokens. And I
> > feel this approach is not right.
>
> That's usually because the client is broken and is not storing the
> token but is instead requesting a new one every time you use it.
That's my guess too. So, I would like to write it better. My problem is that I
am quite confused by OAuth.
If I understand it correctly, OAuth is here for authorization. But, in my case
(and in the case of HOT Tasking Manager), the use case is authentication.
So maybe I should ask - is it possible to authenticate to osm.org?
Thanks a lot,
jiri
More information about the dev
mailing list