Typical OauthFlow:(example is github)
- Redirect users to request access
- Service redirects back to your site(with code) after user approves
- Use code to get access token to access the API
Marketo OAuth Flow:
- Auth path is undocumented or does not exist
- cannot redirect back because auth path does not exist
- provides an
Identity
url which accepts a client_id and client_secret in return gives the access token for the provided client_id and client_secret??? this makes no sense
there are a million services that have a working oauth flow!