over 1 year
ago -
Guy_GGG
-
Direct link
Hi koszmarnica
You're right that a user has to log in to the site (aka authentication) to give a third party app authorization to access their data.
Your app has it's own independent authentication.
When you log out of your app, they are de-authenticating themselves from your app, not from the PoE website. Allowing apps to log users out of the PoE website would be a security concern.
Your app has no control over how users authenticate with the PoE website.
You can read more about oAuth (and it's common misconceptions) here: https://oauth.net/articles/authentication/
You're right that a user has to log in to the site (aka authentication) to give a third party app authorization to access their data.
Your app has it's own independent authentication.
When you log out of your app, they are de-authenticating themselves from your app, not from the PoE website. Allowing apps to log users out of the PoE website would be a security concern.
Your app has no control over how users authenticate with the PoE website.
You can read more about oAuth (and it's common misconceptions) here: https://oauth.net/articles/authentication/