> This could obsolete the hard-coded oauth2 endpoints that are currently in source, right?

That would be one goal of this bug, yes, but that works only if
* the current hardcoded endpoints (Gmail, Yahoo, MS Office365, Yandex, etc.) support this protocol. Therefore my question in comment 5.
* email admins do not use whitelists for allowing clients by ID. Some domain admins do that, particularly security conscious ones, which would lock us out, because the registration ID would change constantly and we'd fail the whitelist.

Bug 1602166 Comment 15 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

> This could obsolete the hard-coded oauth2 endpoints that are currently in source, right?

That would be one goal of this bug, yes, but that works only if
* the current hardcoded endpoints (Gmail, Yahoo, MS Office365, Yandex, etc.) support this protocol. Therefore my question in comment 5.
* email admins do not use whitelists for allowing clients by ID. Some domain admins do that, particularly security conscious ones, which would lock us out, because the client ID would change constantly and we'd fail the whitelist.

> This could obsolete the hard-coded oauth2 endpoints that are currently in source, right?

That would be one goal of this bug, yes, but that works only if
* the current hardcoded endpoints (Gmail, Yahoo, MS Office365, Yandex, etc.) support this protocol. Therefore my question in comment 5.
* email admins do not use whitelists for allowing clients by ID. I know for a fact that this happens, because I've seen the error message. Some domain admins do that, particularly security conscious ones, which would lock us out, because the client ID would change constantly and we'd fail the whitelist.

> This could obsolete the hard-coded oauth2 endpoints that are currently in source, right?

That would be one goal of this bug, yes, but that works only if
* the current hardcoded endpoints (Gmail, Yahoo, MS Office365, Yandex, etc.) support this protocol. Therefore my question in comment 5.
* email admins do not use whitelists for allowing clients by ID. I know for a fact that this happens, because I've seen the error message after login. Some domain admins do that, particularly security conscious ones, which would lock us out, because the client ID would change constantly and we'd fail the whitelist.