0

How do I develop an OAuth Authorization page which a user can interact with but not the application being authorized?

I'm developing an API set and want to allow mobile apps to interact with the API, provided that they're authorized to do so on behalf of the user.

Once I've authenticated the user, how do I ensure that the user has clicked the OK button, rather than the application itself?

Regards, Yusuf

4

1 回答 1

1

在发送访问令牌之前,您可以添加输入任何类型的验证码的需要,例如重新输入密码或输入验证码。

于 2012-06-04T15:31:48.200 回答