-rw-r--r-- yuck.mdwn 4
1 files changed, 3 insertions, 1 deletions
diff --git a/yuck.mdwn b/yuck.mdwn
index 3c81250..472504b 100644
--- a/yuck.mdwn
+++ b/yuck.mdwn
@@ -230,7 +230,9 @@ authentication.
to authenticate themselves).
* The facade holds the access token on behalf of an authenticated end
- user.
+ user. The access token can't be given to the browser, since the
+ browser can't be assumed to be highly secure, from the point of view
+ of the relying party.
* The facade talks to a backend, giving it the user's access token as
proof of authentication and authorization.
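Review bot: In the sentence added to the facade bullet, "can't be assumed to be highly secure" is too vague to act on, and "relying party" is not tied to any of the components these bullets name (facade, backend, browser). Suggest stating the concern directly, for example that the browser is outside the relying party's control, and saying which component is the relying party here. The trailing clause "from the point of view of the relying party" would also read better at the start of the sentence, so the trust boundary is set before the conclusion.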