Good find... that is a really confusing sentence. I'm going to ... • Aaron Parecki

44°F

Amateur Slacker https://twitter.com/noop_noob • Aug 26
"The process results in a client ID and, in some cases, a client secret, which you embed in the source code of your application. (In this context, the client secret is obviously not treated as a secret.)"

from https://developers.google.com/identity/protocols/OAuth2

I'm confused.

Good find... that is a really confusing sentence. I'm going to try to track that down and see if they can remove it.

Portland, Oregon, USA

Mon, Aug 26, 2019 2:31pm -07:00 #oauth

1 like 2 replies
- Amateur Slacker
Have you written a response to this? Let me know the URL:
- Aaron Parecki twitter.com/aaronpk
  
  oh wow yeah, I can see how that would be incredibly confusing. Well for the record, OAuth secrets are absolutely supposed to be secret, and we have different solutions for deployments that can't keep secrets.
  
  Tue, Aug 27, 2019 3:46am +00:00 (via brid-gy.appspot.com)
- Amateur Slacker twitter.com/noop_noob
  
  BTW, the reason I found this sentence is because the documentation for the "httr" R package linked to it cran.r-project.org/web/packages/h…
  
  Tue, Aug 27, 2019 2:19am +00:00 (via brid-gy.appspot.com)

Posted in /replies using quill.p3k.io