-
Notifications
You must be signed in to change notification settings - Fork 149
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Flow example - implicit flow #135
Comments
As far as I can see we can't modify the responce_type from code? But the readme.md in the Features section explicitly mentions that is supports the ImplicitFlow for RP, so I guess Im missing something? Thanks, |
Hi there let me check this tomorrow 😎 cc @livio-a @fgerschwiler |
Hey @zarkoc First of all: Thanks for the issue. Is there any reason why you need to use the implicit flow? Because IMHO there is no need to support it. The implicit grant was designed for OAuth |
I'm looking at Facebook's OIDC support here: https://www.facebook.com/.well-known/openid-configuration... their so called "limited login". Appears to only support the implicit @livio-a When you say "there is no need to support it [the implicit flow]", are you implying there is another way to handle auth to a service like Facebook OIDC from our end? If so, what would you recommend? Or were you implying that a provider not supporting the |
Implicit only makes sense in certain Single Page Apps running in browsers, where the app can't or won't call the token endpoint using the If there are mayor vendors that only support implicit, we might reconsider based on popular demand of the zitadel and /or oidc community. Technically speaking one should write to Facebook and kindly ask them to support code flow instead, given the above reasoning that seems to be more sane. |
Hi all,
Im trying to implement a client using the Implicit flow.
But the question is also more general, I cant find how and where to set up the response_type so that I can change the flow to implicit.
To me its seems that the default flow is the authorization_code flow.
Thanks,
Zarko
The text was updated successfully, but these errors were encountered: