Lockbox will be launching an iOS mobile app which will need OAuth client credentials. This will need to be a public trusted client with the following details: hex(id): 98adfa37698f255b name: Lockbox iOS redirectURri: https://mozilla-lockbox.github.io/fxa/ios-redirect.html trusted: true publicClient: true allowedScopes: https://identity.mozilla.com/apps/lockbox Since this is a publicClient, it does not need a hashedSecret; IIRC in these cases we just generate a random secret and immediately discard it.
Noting my approval for this, including the "allowedScopes" string. > redirectURri: https://mozilla-lockbox.github.io/fxa/ios-redirect.html We'll need to update this once the official lockbox website is up and running on a mozilla-hosted domain, but in discussion we decided this third-party URL was fine as an interim state.
:jrgm also see https://bugzilla.mozilla.org/show_bug.cgi?id=1436221#c3
Production oauth client entry created for 98adfa37698f255b, Lockbox iOS, and other settings as noted above.
Status: NEW → RESOLVED
Last Resolved: 11 days ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.