Confirmed users
398
edits
Line 47: | Line 47: | ||
The tokenss must be some kind of opaque data that can not be passed to other Apps, only valid for the app it-self. For security reason, the tokens should not be reversed to the server Apps, so the token holder can not tell what app it connect to by a token. | The tokenss must be some kind of opaque data that can not be passed to other Apps, only valid for the app it-self. For security reason, the tokens should not be reversed to the server Apps, so the token holder can not tell what app it connect to by a token. | ||
With tokens, the app can by-pass the permission checking that defined in the manifest. But, with permission checking of application choosers, an App can access only limited Apps. | |||
== Use Case == | == Use Case == |