This is a problem. Jeffalo will have to provide the private keys if you want to implement oauth
↩ repost
so for those of you making native wasteof clients, how does login work?
eg. how do you allow people to login via github/google?
This is a problem. Jeffalo will have to provide the private keys if you want to implement oauth
so for those of you making native wasteof clients, how does login work?
eg. how do you allow people to login via github/google?
Do you mean the client secret? Yeah, you're right. I definitely wouldn't give someone else my client secret to an OAuth API. The more secure way would be to have some sort of page on wasteof.money that would allow you to authenticate with OAuth but then would open the mobile app and send the token with it.