Idea ID: 2784903

Reduce AutCode Length: Problem with Windows Integrations

Status : Delivered
over 2 years ago
Based on B1132655 a reduced AuthCode length would benefit clients bound to Microsofts' platform and thus extradited to MS policy only to support 2,083 characters.

This limitation is not only restricted to the addressbar in IE, but is also set in many places within the OS. Especially in visual studio libraries. This hinders developers of native applications and force them to use response_mode form_post which is also not fully supported by the libraries. Because the custom URIs schemes are mapped to local appliacations and are usually triggered by a 302 redirect and not by a POST.

Even though the specs do not restrict the length (RFC 6749, RFC 2616, RFC 7230) it would be be beneficially to interoperability if NAM would have something like a "Windows Mode", which caps the length to a maximum of ~1200 characters, so custom URI, state and code can be delivered through a 302.

Tags: