Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vladislav2015-08-26 15:49:03
User identification
Vladislav, 2015-08-26 15:49:03

Is it safe to pass the token in the callback url to use it after the redirect?

In general, there is an application server that communicates with the client via the REST API, passing the token.
There is a method for binding a third-party service, a link + callback leads to the service, to which it will return. So is it possible to pass a token to this callback so that the user is authorized upon return.
Is it possible to do this at all?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
X
xmoonlight, 2015-08-26
@xmoonlight

No, you can't do that.
The token must be generated only by your REST API.
After authorization, the site needs to get a TEMPORARY! authorization token from your service and then pass along with the parameters to the callback-URL, then again by your service - check all the parameters and, if they match, authorize the user.

Similar questions
E
eri2021-10-27 16:54:58
How to subscribe to authentication events in asterisk? 1Reply
A
alestro2016-03-19 19:29:35
How to log out a user who is not active for a certain amount of time? 3Reply
M
MrlCrosl2013-12-20 13:11:38
Authorization in Steam 1Reply
A
Anton Shelestov2018-08-12 01:02:38
How does social authentication work? network on client sites through your server? 1Reply
S
sergofun2014-01-07 15:25:38
Authorization standalone application vk on java 5Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question