[openstreetmap/openstreetmap-website] Default value for "Confidential application" in OAuth2 client registration seems to be questionable (Issue #3494)
Joan Maspons
notifications at github.com
Fri Jun 30 17:23:34 UTC 2023
> there is no need for the client to even use it - if the client is not confidential then the `client_secret` parameter can be left out when requesting the access token.
I tried in R with httr2, but it fails without the secret, even for a non-confidential OAuth2 app. Anyway, it's quite cheap to get a new secret, so I suppose nobody will spend the time looking for them
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/3494#issuecomment-1614953876
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/3494/1614953876 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20230630/57f65005/attachment.htm>
More information about the rails-dev
mailing list