Aaron Parecki (@aaronpk): "Alright, I think we can call it. Between @tlodderstedt's OAuth Security Best Practices and OAuth 2.0 for Browser Apps, the Implicit Flow is dead. https://tools.ietf.org/html/draft-ietf-oauth-security-topics-09 https://tools.ietf.org/html/draft-parecki-oauth-browser-based-apps-00 https://medium.com/@torsten_lodderstedt/why-you-should-stop-using-the-oauth-implicit-grant-2436ced1c926" | nitter

Aaron Parecki @aaronpk

9 Nov 2018

Alright, I think we can call it. Between @tlodderstedt's OAuth Security Best Practices and OAuth 2.0 for Browser Apps, the Implicit Flow is dead. tools.ietf.org/html/draft-ie… tools.ietf.org/html/draft-pa… medium.com/@torsten_lodderst…

Why you should stop using the OAuth implicit grant!

No one should any longer use the implicit grant! That’s what IETF’s OAuth working group, the authority for official OAuth specifications…

Nov 9, 2018 · 4:57 PM UTC

4

3