[openstreetmap/openstreetmap-website] Default value for "Confidential application" in OAuth2 client registration seems to be questionable (Issue #3494)
Harel M
notifications at github.com
Tue Nov 29 10:44:01 UTC 2022
This might not be the right place to ask this, but I'm currently working on migrating my app from OSM's OAuth 1 to 2.
I have a mobile app and a website with both use the same backend server.
When I create a non-confidential OAuth app (uncheck the checkbox mentioned here) I still see the client secret. From what I read I shouldn't be using it, so I'm not sure if it should be presented or not - this got me confused.
The other question is: are there different capabilities that are offered if I use confidential vs non-confidentail from OSM perspective, i.e. can I edit an OSM entity while using the non-confident OAuth flow (from the user who uses my app that uses the flow I mean)?
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/3494#issuecomment-1330431482
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/3494/1330431482 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20221129/49c12118/attachment.htm>
More information about the rails-dev
mailing list