• #indieweb 2014-04-29
  • Prev
    Next
  • #indieweb
  • #dev
  • #wordpress
  • #meta
  • #stream
  • #microformats
  • #known
  • #events
#indieweb ≡
  • ←
  • →
2014-04-29 UTC
# 21:00
kbs so to a first approximation, I *think* your idea is that the authorization-endpoint to return a token that asserts: [app=someid, user=someid]-signed-by-authorization-endpoint. This is passed to the token-end-point, which then returns [user=someid, scope=this-permission]-signed-by-token-end-point. Both are finally passed to the micropub endpoint, which can decide whether to honor these assertions