area51 chapters texts in as they are #2521
Conversation
|
Hi @TobiasAhnoff and @randomstuff - I made some updates to the PR, but it is not covering every comment here. If you have agreement, please update the PR as well - it is more effective way than I going to do the find-replace activity. If there is a separate discussion (especially about some requirement wording), please open a separate issue for that. The goal here is to have the chapter text in and to get wider feedback for this. |
|
A public client is not capable of maintaining the confidentiality of credentials or is able to authenticate itself with the authorization server in a secure way. Therefore, a public client can not be trusted with client credentials and can only identify itself using the given client id.
That said, this configuration should still provide zero access until the user authenticates and grants consent. Also, security measures like PKCE is required….
|
Yes, I think we have this covered in requirements for PKCE and consent etc |
|
The action from here is - @tghosth checks the language/grammar and we merge it in. It does not mean that it is completely ready now and can not have changes in the future - it only means it gets into the document to get feedback from a wider audience and new modifications go in through separate PRs. |
Chapter texts for V51 OAuth and OIDC