Re: [keycloak-dev] urn:ietf:wg:oauth:2.0:oob always valid?
From what i’ve seen with oob uri seems to be mainly used by Google.
Facebook will use a redirect_uri which looks like fb<appId>://authorize/
Not sure there is a standard way of expressing out of bound uri.
++
Corinne
On 20 May 2014, at 17:51, Stian Thorgersen <stian(a)redhat.com> wrote:
Not sure what you mean, but if you're asking if a login request
can have '..?redirect_uri=urn:ietf:wg:oauth:2.0:oob' without
'urn:ietf:wg:oauth:2.0:oob' listed as a valid redirect_uri on the
application/client, then no.
----- Original Message -----
> From: "Bill Burke" <bburke(a)redhat.com>
> To: keycloak-dev(a)lists.jboss.org
> Sent: Tuesday, 20 May, 2014 4:32:06 PM
> Subject: [keycloak-dev] urn:ietf:wg:oauth:2.0:oob always valid?
>
> If the client has a redirect uri of urn:ietf:wg:oauth:2.0:oob, this is
> always acceptable?
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev