Pushed Authorization Requests (Par) in Asp.net Core 9

apitman · 2024-11-10T08:54:19 1731228859

A notable use of PAR in the wild is in atproto OAuth: https://atproto.com/specs/oauth

tndata · 2024-11-06T07:59:01 1730879941

[flagged]

djantje · 2024-11-10T09:41:45 1731231705

It looks nice. Are there plans to (try to) remove all the GET request parameters from the authentication flow? The Authorization request maybe seems one (the browser would need to support that, or use Javascript, or maybe a shortlived cookie) And also "8" GET tokens using the code, is potentially one?

nesarkvechnep · 2024-11-10T10:33:56 1731234836

I think you didn’t reply to what you intended.