You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is an endpoint, provisionally at GET /oauth/authorize, which clients can open in a popup window in order to authorize the client to access the user's data on Hypothesis.
When a pre-registered client directs the user to this endpoint, the endpoint verifies the client ID and reports an error if it is unrecognized.
If the user is logged in to the service when they visit this endpoint, they are prompted to allow the client to Accept / Deny the client access to the user's data.
If the user is not logged in, they are first shown the login form and then sent to step 3.
After the user accepts, an auth code is generated and delivered back to the client as described in the design document.
If the user rejects or closes the auth prompt, an error is delivered back to the client as described in the design doc.
The text was updated successfully, but these errors were encountered:
Implement an OAuth authorization endpoint that allows users to grant browser-based clients access to data in their Hypothesis accounts.
For context and design discussion, see Client OAuth Login Technical Design.
Acceptance criteria
GET /oauth/authorize
, which clients can open in a popup window in order to authorize the client to access the user's data on Hypothesis.The text was updated successfully, but these errors were encountered: