Sascha Preibisch

OAuth - No more implicit grants!

Blog Post created by Sascha Preibisch Employee on Nov 15, 2018

Hello everyone!

 

Please be aware that the IETF's OAuth working group is now recommending not to use any implicit flow anymore. This includes the response_type=token and any other that issues an access_token as part of the response.

 

Torsten Lodderstedt, member of the working group, has written a good article about this, please have a look:

Why you should stop using the OAuth implicit grant!

 

Please let me know if you have any questions via email of comments.

Outcomes