Differences

This shows you the differences between two versions of the page.

--- dev:app_authentication_example [2016/04/21 17:13] – [3. Authenticated Requests] su
+++ dev:app_authentication_example [2017/11/21 16:46] (current) – su
@@ Line 5: / Line 5: @@
 [https://tools.ietf.org/html/rfc6749|OAuth 2.0) is an IETF specification that allows 3rd party applications to gain limited access to an HTTP service on behalf of a user.
-OAuth is used extensively on the web already: if you have ever logged into a 3rd party web site using your Facebook, Google, or LinkedIn account, you have already used OAuth.  Indeed, the App Store requires users to log in via LinkedIn, and then requests information such as a user's name, email address and profile picture to allow it to create a profile for the user.
+OAuth is used extensively on the web already: if you have ever logged into a 3rd party web site using your Facebook, Google, or LinkedIn account, you have already used OAuth.  Indeed, the App Store allows users to log in via LinkedIn, and then requests information such as a user's name, email address and profile picture to allow it to create a profile for the user, likewise with ADFS , and with Google accounts.
-In addition to using LinkedIn's OAuth service to log users into the App Store, the App Store also has its own OAuth service, to allow applications such as the Valve Signature Tool to log users in via the App Store, and to allow those applications to charge users for application usage.
+The App Store also has its own OAuth service, to allow applications such as the Valve Signature Tool to log users in via the App Store, and to allow those applications to charge users for application usage.
 Below is a simple example illustrating the [[https://tools.ietf.org/html/rfc6749#section-4.1|Authorization Code Grant Flow]] recommended for Web-Server Apps. Note the process is different for Excel, browser-based and other types of App.