OAuth for Desktop apps?

It looks like it may be possible, see googles docs on the subject:

https://developers.google.com/identity/protocols/oauth2/native-app


I've been puzzled by the same question about lack of domain or app url, but it turns out redirection is not the only possible way to complete OAuth authentication process.

I.e., when webapp requests access it provides callback url: the one user will be redirected to when process is completed. That's how webapp know that everything's done.

But you can't redirect to application on user's machine. Thus, there's another way: upon successful authentication server presents special code to the user. Then user copies this code and provides it to application.

You can see both ways described in specification draft.
Also, here's an example of this authentication flow with twitter.

Tags:

Oauth