I mentioned in my #OAuth talk last week that I was working on a blog post describing how to add the Device Flow to any OAuth server, and I just finished the post! \o/ 🔐 https://developer.okta.com/blog/2019/02/19/add-oauth-device-flow-to-any-server

@aaronpk I'm guessing you might know better, with is it possible to only get the info if the user is who they claim to be (but without a password) or is it also possible to get the info to for example which groups he/she is associated with (like admin, user, reader)?

@jeena Technically OAuth doesn't even give you user info, you're getting in to OpenID Connect/IndieAuth territory if you want that. As for groups and roles, those are super specific to the implementation so aren't really part of the standard at all. You can use OAuth as a framework to do this but you won't find much in the way of standards for it.

@aaronpk ok thanks a lot that makes it clear, then I know what I need to google for!

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!