|
|
|
|
|
|
by tg3
2137 days ago
|
|
|
Xkit acts purely as an agent for our customers, we don't make use of the access granted ourselves (and as mentioned in another comment, we're happy to sign contracts to that effect). As a result, the consent screen and what users are aware of is the identity of the party they're granting access to - the Xkit customer, not Xkit itself. As a side note, OAuth2 explicitly supports multiple clients and in fact recommends it if you are using the clients in different contexts. Google implements this pretty effectively imo. |
|
|