FWIW, SSO is a special case of sorts for BBAuth, so things were really designed around the needs of apps that need access to user data. Since there seems to be a lot of interest in the SSO support, we'll look into tailoring that on our side.
Jeremy
Andrew Chen wrote:
Ding! That's basically what I was getting at. I'd like to be able to throw the user to Yahoo! login as often as I'd like, but they should only get the permission page the first time. Each subsequent time should result in just the Yahoo! login page and redirect back to me. ----- Original Message ---- From: rmitz <rmitz@...> To: ydn-auth@yahoogroups.com Sent: Tuesday, October 3, 2006 12:21:14 AM Subject: [ydn-auth] Re: permission page continues to be shown, even after agreeing --- In ydn-auth@yahoogroup s.com, "sashimikid" <jlevitt@... > wrote:--- In ydn-auth@yahoogroup s.com, "trythinking" <trythinking@ > wrote:But according to the verify page itself, it says that permission would last 2 weeks. What's the point of granting access for 2 weeks if they're going to be continuously shown that access page for that duration? Thanks.When the user successfully logins the first time, you (the developer) are provided a token that you can use to make authenticated web service calls on their behalf for two weeks. So, they don't have to see the access page again until the token expires in two weeks.I think some people are missing the point. The point is not for yahoo to control how long the user is logged in (though I think that would be fine too.) The point is that a user will want to log in from multiple different machines, perhaps different browsers, etc, and it's cumbersome for someone to have to approve their login each time. In addition, I believe that it's a cleaner interface that once someone has signed into yahoo, those credentials should be sufficient to gain them automated access to whatever service that has already been approved. Particularly if that service has asked to not have access to any of the user's yahoo data, that is, i.e. it is operating purely as a SSO system. Roman. Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/ydn-auth/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/ydn-auth/join (Yahoo! ID required) <*> To change settings via email: mailto:ydn-auth-digest@yahoogroups.com mailto:ydn-auth-fullfeatured@yahoogroups.com <*> To unsubscribe from this group, send an email to: ydn-auth-unsubscribe@yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
-- Jeremy Zawodny jzawodn@... Yahoo! Developer Network http://developer.yahoo.com/
Offline 
Send Email
