archive
/
matrix-spec-proposals
mirror of https://github.com/matrix-org/matrix-spec-proposals
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add notes about alternatives

Browse Source 
From https://github.com/matrix-org/matrix-spec-proposals/pull/4341#discussion_r2318641442
hughns/device-authorization-grant
Hugh Nimmo-Smith 3 months ago
parent 2706d02968
commit 68184aac31
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File

11
proposals/4341-device-authorization-grant.md
Unescape Escape View File

@ -148,6 +148,17 @@ Otherwise, none identified.
I'm not aware of any other standardised OAuth grant types that would be suitable as an alternative.
### Requiring support for the new grant type
We could make it mandatory that new grant type is supported by Matrix homeservers.
As currently proposed it is optional and discoverable via the `grant_types_supported` metadata.
### Make `verification_uri_complete` be mandatory
RFC 8628 makes makes `verification_uri_complete` optional, but we could make it mandatory. This could improve the UX for some
use cases.
## Security considerations
[RFC 8628 section 5](https://datatracker.ietf.org/doc/html/rfc8628#section-5) contains various security considerations

Write Preview
Loading…
Cancel
Save