Yes, the authCallback?
Jesse
71

Yeah, that makes sense security wise. I also read Joe’s comments; his most recent one adds some clarity.

What I’m still missing is what to use for a redirect_uri when there is no server involved. Using a dummy URL seems like a security risk, too, in that now phonegap.com (in your example) is able to intercept the response.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.