Commit997f34e

committed

Merge pull requestgithub#677 from github/izuzak-no-implicit-flow-in-oauth

Add a note to OAuth docs to clarify that GitHub's OAuth implementation doesn't support the implicit flow

2 parents1b50009 +3fc836e commit997f34eCopy full SHA for 997f34e

File tree

-0

lines changed

-0

lines changed

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,8 @@ and Client Secret. The Client Secret should not be shared.`
`20`	`20`	`**You may create a[personal access token](https://github.com/settings/tokens/new)`
`21`	`21`	`for your own use or implement the web flow below to allow other users to authorize your application.**`
`22`	`22`
	`23`	`+GitHub's OAuth implementation supports the standard[authorization code grant type](https://tools.ietf.org/html/rfc6749#section-4.1). Developers should implement the web application flow described below to obtain an authorization code and then exchange it for a token. (The[implicit grant type](https://tools.ietf.org/html/rfc6749#section-4.2) is not supported.)`
	`24`	`+`
`23`	`25`	`##Web Application Flow`
`24`	`26`
`25`	`27`	`This is a description of the OAuth2 flow from 3rd party web sites.`

Comments

(0)