• #dev 2018-08-08
  • Prev
    Next
  • #indieweb
  • #dev
  • #wordpress
  • #meta
  • #stream
  • #microformats
  • #known
  • #events
#dev ≡
  • ←
  • →
2018-08-08 UTC
# 08:45
@martijnvdven ↩️ Does the auth code flow require a client secret? Not sure “less secure” is always true. It is true that the IndieAuth exchange step does not contain proof of the client being the same as from initial request. It might be an idea to look into https://tools.ietf.org/html/rfc7636 for that. (twitter.com/_/status/1027113502018859008)