Quick Links

View Show Available Profiles


OAuth Changes

Public annoucement posted on Fri, 07 Aug 2009 by iapain


Eviscape OAuth has adopted OAuth 1.0a. We have found XSRF bug with our Authentication mechanism. We have fixed it as per OAuth advisory.

Developers:
Now you can register your application with "callback" and default "permission" parameters, they'll be override by "oauth_callback" and "perm". You may also edit your existing applications and provide this parameters. In other changes, We'r  now only accepting "oauth_callback" while asking for request token.

Users:
We have adopted "verifier" mechanism which means, if there is no callback then we'll display verification code on screen which you might needed for application which made request to access you account.

Read more
http://www.eviscape.com/oauth/docs
http://blog.oauth.net/2009/04/22/acknowledgement-of-the-oauth-security-issue/

Replies
    This Evis needs your voice! Please Login to post comments.