[jdev] oAuth equivalent for for XMPP?

Simon Tennant (buddycloud) simon at buddycloud.com
Mon Dec 13 05:46:46 CST 2010

On 13/12/2010 12:39, Christoph Terwelp wrote:
> XEP-0070 doesn't solve this problem because it only handles authentication of a client to a server. Here a authentication at the xmpp server itself is required but without showing the users id and password to an intermediate web server. Something similar is done for example in "Remember the milk" where you can manage external websites and clients and their access rights to your account.
Right - it's the intermediate websites asking for users' password that 
worries me.

I'm not so keen on $RANDOM-WEBSITE asking for buddycloud user's 
passwords. But I see no solution.


Simon Tennant

mobile: +49 17 8545 0880
office: +44 20 7043 6756
office: +49 89 4209 55854

xmpp:simon at buddycloud.com
mailto:simon at buddycloud.com

More information about the JDev mailing list