|
|
|
|
|
|
by bryanh
5070 days ago
|
|
|
We at Zapier have seen it all when it comes to API's. IMO, the biggest poison around OAuth are options. Optional grant types, various refresh token options, miscellaneous state and scope options, etc... What is the point of a standard that cannot be implemented the same way twice? It's insane. That said, most smaller vendors stick to the sane bits, its the big guys like Intuit or Microsoft that over-engineer their auth and pull out every fiddly feature in the spec. |
|
|