I'm currently implementing an omniauth solution for an app that will initially be in an invite only mode. I can restrict the UI so that a person cannot see the registration screen from which omniauth could be activated unless they have a valid invitation code. That being said, if a user knew the url structure, they could try to initiate the omniauth process directly and I'm trying to figure out how to handle that. I can't lock down the authentication url because an already registered user would need to go through them and they would not have their invitation code after the initial registration. Ideally I'd like to pass the invitation code along in the omniauth request so that it would come back to the app upon success, but in looking I found this thread which said that is not possible.
http://groups.google.com/group/omniauth/browse_thread/thread/4d99d608... Is this still true or is it now possible to do what I'm looking for? Is setting the value in the session still the preferred way or is there a better way to handle this when using OmniAuth? Thanks in advance Chris
