[OSM-talk] Using OAuth with JOSM
Nicolás Alvarez
nicolas.alvarez at gmail.com
Sun Mar 13 20:33:03 UTC 2016
2016-03-13 17:04 GMT-03:00 Mark Bradley <ethnicfoodisgreat at gmail.com>:
> I am not familiar with OAuth. If I upload data using JOSM from different
> computers but using the same OSM account, should I use the same access token
> key and access token secret on both computers?
You should use different tokens, that's the main advantage of OAuth.
For example, if one of those computers is compromised/stolen/whatever,
you can revoke that token alone. Using password authentication you
would have to change your password and re-login on *every* computer.
Although there is a flaw (don't know who's to blame): it's hard to
tell which computer is which in the OSM "revoke tokens" config page
since they all say just say "JOSM".
--
Nicolás
More information about the talk
mailing list