From ddb06979f24bb002fa4750c7a403feaf92ef8fcf Mon Sep 17 00:00:00 2001 From: Brendan Forster Date: Fri, 24 Oct 2014 14:37:56 -0700 Subject: [PATCH] minor tweaks --- docs/oauth-flow.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/oauth-flow.md b/docs/oauth-flow.md index 9d713460..32d702e5 100644 --- a/docs/oauth-flow.md +++ b/docs/oauth-flow.md @@ -45,11 +45,13 @@ var request = new OauthLoginRequest(clientId) var oauthLoginUrl = client.Oauth.GetGitHubLoginUrl(request); ``` -Scopes are keys which specify the permissions the application needs. If you don't specify a `Scopes` value, your application will only have read access to the user's public data (repository, user info, etc). There's lots of different scopes available for different interactions with user data, so have a look at the [documentation](https://developer.github.com/v3/oauth/#scopes). +Scopes are keys which specify the permissions the application needs. If you don't specify a `Scopes` value, your application will only have read access to the user's public data (repository, user info, etc). There's lots of different scopes available for different interactions with user data, so have a look at the [documentation](https://developer.github.com/v3/oauth/#scopes) for more information. ### Generating the token -Once the user has been navigated to the URL above and clicked "Authorize Application", you will receive a callback at the default Callback URL for your application. You can override this by specifying a different URL when creating the request, if necessary. +Once the user has been navigated to the URL above and clicked "Authorize Application", you will receive a callback at the default Callback URL for your application. If you require a more flexible URL, you can override this by specifying a different URL when creating the request. + + Your callback will have two parameters, the code generated by the GitHub API and some additional state - this is specifically to prevent CSRF (Cross-Site Request Forgery) attacks and is highly recommended.