Menu
I'm planning to access Google's APIs and do authentication using OAuth2. Since I'm going to access them from a Silverlight out-of-browser application I was wanting to know how to keep it secure enough.
I understand that keeping all the details necessary to authenticate on the client is a bit risky. By this I mean the client_id, client_secret, etc. as they could easily be obtained by someone else. So I was wondering how people get round this? Would you use a web service to initally contact Google when authenticating? If so, how can I help keep that secure so only my Silverlight client can access it?
318
OAuth client side authentication does not expose any secret information. If you look at OAuth 2.0 for client-side web applications you will see that only required information is public client_id.
53
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
