Skip to main content
Software Engineering

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

Required fields*

11
  • What kind of client are you talking about? I assume that most of the clients will have a UI. In which case, you can load up the OAuth login page in a webview (desktop, mobile) or redirect to it directly (web). I don't see why you need to avoid UI. Commented Sep 18, 2015 at 5:07
  • @decyclone please read the very first sentence to the question! I'm taking about REST (headless HTTP) clients authenticating against REST services. Commented Sep 18, 2015 at 10:09
  • The question I am asking is if that client has any UI at all? Even if it had not, I have seen applications with no UI pop a dialog at least for authentication. Commented Sep 18, 2015 at 13:00
  • @decyclone no a pure REST client has no UI whatsoever, although UI's typically use a pure REST client for connecting to a REST service. One use case is a command line tool that uses a REST client for sending user commands (entered on the shell) to the REST service. Popping a UI from a shell just isn't an acceptable solution here. Commented Sep 18, 2015 at 13:04
  • 1
    But, I should note, there are plenty of other use cases outside a command line/shell. Another use case is a Java/Ruby/Python pure REST/HTTP client that has no UI and might be running on a backend server that has no UI. The backend server needs to communicate with another backend server over REST. Here, not only would it be awkward and hacky to pop a UI when backend server #1 needs to speak to backend server #2, the real problem there is there's no browser/UI client to display the login page to, and there's no human being there to log in!!! Commented Sep 18, 2015 at 13:08