diff --git a/public/source/index.php b/public/source/index.php index aa82658..c8bda82 100644 --- a/public/source/index.php +++ b/public/source/index.php @@ -518,7 +518,7 @@ "me": "https://user.example.net/" }') ?> -

The resulting profile URL MAY be different from what the user initially entered, but MUST be on the same domain. This gives the authorization endpoint an opportunity to canonicalize the user's URL, such as correcting http to https, or adding a path if required. See Redirect Examples for an example of how a service can allow a user to enter a URL on a domain different from their resulting me profile URL.

+

The resulting profile URL MAY be different from what the user initially entered. This gives the authorization endpoint an opportunity to canonicalize the user's URL, such as correcting http to https, or adding a path if required. See Differing User Profile URLs on how to verify that the provided me profile URL can be trusted.

See OAuth 2.0 [[!RFC6749]] Section 5.2 for how to respond in the case of errors or other failures.

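Review bot: dropping "but MUST be on the same domain" from this paragraph removes the only normative requirement here that binds the returned `me` to the URL the user entered, and the replacement "See Differing User Profile URLs on how to verify that the provided me profile URL can be trusted" reads as informative rather than required. State explicitly in this paragraph that a client MUST perform that verification before accepting a `me` that differs from the initially-entered URL (the check that the canonical profile URL declares the same authorization_endpoint as the initially-entered profile URL), so that a reader of this section alone does not take the relaxed wording as permission to accept any returned `me`.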
@@ -542,7 +542,7 @@ "me": "https://user.example.net/" } -

The resulting profile URL MAY be different from what the user initially entered, but MUST be on the same domain. This provides the opportunity to canonicalize the user's URL, such as correcting http to https, or adding a path if required. See Redirect Examples for an example of how a service can allow a user to enter a URL on a domain different from their resulting me profile URL.

+

The resulting profile URL MAY be different from what the user initially entered. This provides the opportunity to canonicalize the user's URL, such as correcting http to https, or adding a path if required. See Differing User Profile URLs on how to verify that the provided me profile URL can be trusted.

See OAuth 2.0 [[!RFC6749]] Section 5.2 for how to respond in the case of errors or other failures.

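Review bot: this paragraph is now nearly identical to the one changed in the previous hunk, differing only in "This provides the opportunity" versus "This gives the authorization endpoint an opportunity"; use the same wording and the same cross-reference in both places, or point both at one section, so the two copies cannot drift apart in a later edit. Both references to "Redirect Examples" are removed by this patch; confirm that section is either still referenced elsewhere or retitled/removed in the same change, since the new "Differing User Profile URLs" reference replaces it.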
@@ -636,7 +636,6 @@
  1. It MUST follow any permanent redirections from this URL to discover the canonical profile URL, in the same manner as initial profile URL discovery.
  2. -
  3. It MUST verify that the canonical profile URL is on the same domain as the initially-entered profile URL.
  4. It MUST verify that the canonical profile URL declares the same authorization_endpoint as the initially-entered profile URL.
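Review bot: removing the same-domain verification step makes the remaining step "It MUST verify that the canonical profile URL declares the same authorization_endpoint as the initially-entered profile URL" the sole check tying the canonical profile URL back to the user's entered URL, so it should be stated more precisely: the client MUST fetch the canonical profile URL, discover its authorization_endpoint in the same manner as initial discovery, and reject the `me` value unless that endpoint is identical to the one used for this authorization. Renumber the remaining steps after the deletion, and consider adding a sentence noting that a mismatch is a hard failure rather than something the client may tolerate.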