docs: Implicit Grant flow is deprecated danger warning #1543
Conversation
|
Couple of notes on this. Personally, I'd rather just rework the guide not to use implicit grant at all. In many other areas of the guide, we moved away from showing people a "bad but easy" way to do things, then changing it all in the next section. Just show the right way from the start. Otherwise if we do want to stick with a warning, using |
|
I can change the pr to remove implicit grant completely if that would be preferable. If we decide to keep implicit grant, I'll change the masked text to make it more clear, thanks for the heads up on that. |
|
applied to the legacy section of the next guide iteration |
* chore: remove await wait placeholder prefer using an explanatory placeholder rather than this artificial example original issue: https://github.com/discordjs/guide/issues/1360 * chore: remove implicit grant guide and add disclaimer issue: https://github.com/discordjs/guide/issues/1370/ pr: discordjs/guide#1543 * chore(sharding): improve broadcast sample and use of context argument original PR: discordjs/guide#1624 * feat: add page about setup with proxy original PR: discordjs/guide#1623 * chore: clarify hiding of commands original PR: discordjs/guide#1617 * feat(voice): seeking original PR: discordjs/guide#1483 * chore(oauth2): typo * chore: align with rest of the guide remove abstraction layers in ws proxy handling in favour of directly setting globals * chore: branding over grammar * Apply suggestions from code review Co-authored-by: Qjuh <[email protected]> * chore: remove now obsolete example explanation from comments --------- Co-authored-by: Qjuh <[email protected]>
Implicit grant flow is recommended by the guide for SPAs, however the IETF does not recommend using Implicit grant flow in any scenario, preferring the Authorization code grant.