Y
Hacker News
new
|
ask
|
show
|
jobs
by
modeless
669 days ago
It's my understanding that the OAuth "state" parameter nonce is generated and stored and validated on the client, not the server.
1 comments
loa_in_
669 days ago
You're right. sorry. There goes me not refreshing my memory about the flow.
link