Just taking a peek at your docs. Looks like you're using implicit flow grant type from the OAuth 2.0 spec, is that right?
Judging by the request/response payloads, I couldn't see evidence of authorization code exchange, nor PKCE (lack of code challenge/code verifier values in the payloads). It looks like an access token is immediately issued upon verifying an OTP via a post request.
Q: Would love to see this deal back!
Share MojoAuth
Q: Will this deal come back?
Share MojoAuth
Q: Hello is someone selling their license?
Share MojoAuth
Q: Hi team, Hope you are well!
Just taking a peek at your docs. Looks like you're using implicit flow grant type from the OAuth 2.0 spec, is that right?
Judging by the request/response payloads, I couldn't see evidence of authorization code exchange, nor PKCE (lack of code challenge/code verifier values in the payloads). It looks like an access token is immediately issued upon verifying an OTP via a post request.
Can you...
Share MojoAuth
Q: Hi team, Hope you are well.
I asked a question (copied below), and noticed you answered other questions posted around the same time, but did not answer mine. Maybe it was missed?
Thanks in advance for any answers you are able to provide.
--
Hi team,
Welcome to AppSumo!
I'm considering Tier 3 but I just want to make sure that what we're paying for here is an OAuth OIDC authorization server.
So in this case, I can have...
Share MojoAuth