JavaScript is required to use Bungie.net

#Community

ursprünglich gepostet in:BungieNetPlatform
3/4/2015 2:23:37 PM
4

OAuth 2.0

This is a request for OAuth 2.0 support so that we can securely access endpoints that require authorization without trying to hack around your login process. There's a lot of potential out there for third-party apps but until we have a way to securely login without prompting users for credentials it's not going to happen.

Sprache des Beitrags:

 

Bearbeiten
Vorschau

Benimm dich. Nimm dir eine Minute, um dir unsere Verhaltensregeln durchzulesen, bevor du den Beitrag abschickst. Abbrechen Bearbeiten Einsatztrupp erstellen Posten

  • To add, I would ideally like it to be permission-based a la Twitter, Google, Facebook, etc... so users can see what things they're authorising and for developers to target individual services. For example, an application which wants to view the contents of your vault probably doesn't need to be able to post to the forum. In saying that however, I think it's pertinent to recognise the inherent danger in third party applications having access to accounts (especially those which modify in-game elements) along with the susceptibility of players, especially younger ones. As most people here have no doubt seen already with what happened via Playstation's Share Play, some players will go to lengths to achieve what they think will give them an/the edge, even if it does mean cheating. So if they see an application which can do it for them (or at least claim to), I have no doubt some will try to use it. I still don't want to say I don't support the idea (obviously), but setting it up in such a way that allows third party applications to be deployed while communicating to players what the potential risks are of allowing them access is crucial.

    Sprache des Beitrags:

     

    Bearbeiten
    Vorschau

    Benimm dich. Nimm dir eine Minute, um dir unsere Verhaltensregeln durchzulesen, bevor du den Beitrag abschickst. Abbrechen Bearbeiten Einsatztrupp erstellen Posten

    5 Antworten
    • +1 for OAuth support. That'd be grand.

      Sprache des Beitrags:

       

      Bearbeiten
      Vorschau

      Benimm dich. Nimm dir eine Minute, um dir unsere Verhaltensregeln durchzulesen, bevor du den Beitrag abschickst. Abbrechen Bearbeiten Einsatztrupp erstellen Posten

      1 Antworten
      • +1 Bump. Makes little sense to have people hack around your auth when you could implement it legitimately and with a standard backed by so many well known companies.

        Sprache des Beitrags:

         

        Bearbeiten
        Vorschau

        Benimm dich. Nimm dir eine Minute, um dir unsere Verhaltensregeln durchzulesen, bevor du den Beitrag abschickst. Abbrechen Bearbeiten Einsatztrupp erstellen Posten

      • +1 for oauth. I agree, hacking around the auth model is troublesome at best. There's no real way to gain user trust.

        Sprache des Beitrags:

         

        Bearbeiten
        Vorschau

        Benimm dich. Nimm dir eine Minute, um dir unsere Verhaltensregeln durchzulesen, bevor du den Beitrag abschickst. Abbrechen Bearbeiten Einsatztrupp erstellen Posten

      Es ist dir nicht gestattet, diesen Inhalt zu sehen.
      ;
      preload icon
      preload icon
      preload icon