re: Web Authentication for Actual Humans, Part Two VIEW POST

VIEW PARENT COMMENT VIEW FULL DISCUSSION
 

That's probably a bit less clear than I intended. Essentially I feel that OAuth is something you do because the thing you do is authenticate with some trusted third party. It's not enough that you're just a user of that third party, you have to actually authenticate with them to prove that you are who you say you are.

 

Ah, I see. Thank you for the clarification there 👊

So you have to "do" some actual work to prove that you are who you say you are.

Right and you're doing it in a third party's application which is where the distinction comes from IMO

code of conduct - report abuse