This document defines the WS-I Basic Security Profile 1.1, based on a set of non-proprietary Web services specifications, along with clarifications and amendments to those specifications which promote interoperability. Please refer to the errata, which may include normative corrections to it.The material contained herein is not a license, either expressly or impliedly, to any intellectual property owned or controlled by any of the authors or developers of this material or WS-I.From then on, the authorization code flow works like this: 1.End User requests the third-party service using a browser.2.Given enough technical care this can be made to work well.
A consumer web site can greatly streamline user onboarding by integrating login with these Id Ps.Several introductory and tutorial articles on the Extensible Markup Language (XML) are referenced in the shorter XML Introduction document. "The Extensible Markup Language (XML) is the universal format for structured documents and data on the Web." -- W3C XML Web site, 2000-07-06.The Extensible Markup Language (XML) is descriptively identified in the XML 1.0 W3C Recommendation as "an extremely simple dialect [or 'subset'] of SGML" the goal of which "is to enable generic SGML to be served, received, and processed on the Web in the way that is now possible with HTML," for which reason "XML has been designed for ease of implementation, and for interoperability with both SGML and HTML." Note that the "HTML" referenced in the preceding sentence (bis) means HTML 4.0 and 3.2 which were in common use as of 10-February-1998, when the XML 1.0 specification was published as a W3C Recommendation.By sending email, or otherwise communicating with WS-I, you (on behalf of yourself if you are an individual, and your company if you are providing Feedback on behalf of the company) will be deemed to have granted to WS-I, the members of WS-I, and other parties that have access to your Feedback, a non-exclusive, non-transferable, worldwide, perpetual, irrevocable, royalty-free license to use, disclose, copy, license, modify, sublicense or otherwise distribute and exploit in any manner whatsoever the Feedback you provide regarding the work.You acknowledge that you have no expectation of confidentiality with respect to any Feedback you provide.The OAuth2 flow which is closely related to the original OAuth 1.0 3-leg flow is called Authorization Code and involves 3 parties: the end user, the third party service (client) and the resource server which is protected by OAuth2 filters.