| ▲ | magicalhippo 2 days ago | |
The blog mentions right at the start that it's based on OAuth 2.0/OIDC, similar to how you log in to your Google account in Thunderbird for example. > I always wonder how it will work for someone writing their own client, perhaps a very basic client (or a bot). For interactive clients, it'll be the standard OAuth 2.0 Authorization Code flow[1]. For non-interactive services they say in the proposal[2] that one uses the existing method but they will implement the standard OAuth 2.0 Client Credentials flow[3], which is effectively like a traditional username/password deal, though the "password" is not the account password. [1]: https://learn.microsoft.com/en-us/entra/identity-platform/v2... [2]: https://github.com/matrix-org/matrix-spec-proposals/blob/002... [3]: https://developer.okta.com/docs/concepts/oauth-openid/#clien... | ||