Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
tptacek
on May 5, 2020
|
parent
|
context
|
favorite
| on:
OAuth 2.0 Security Best Current Practice
Google Mail's OAuth2 instructions discuss this point explicitly.
diafygi
on May 6, 2020
[–]
Have a link?
psanford
on May 6, 2020
|
parent
[–]
"The process results in a client ID and, in some cases, a client secret, which you embed in the source code of your application. (In this context, the client secret is obviously not treated as a secret.)"[0]
[0]:
https://developers.google.com/identity/protocols/oauth2
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
