Recommended authentication method?

[Raúl Mellado]

Hi,

I am currently building a WordPress plugin to gather Adsense stats, so in my initial idea to use the API was to create an OAuth client id, and then select "Web application" (each user would have to do that for each WP install).

However, I have just found another plugin that does a similar function, and the developer has a walkthrough video, where he says that to use his plugin, you should create an OAuth client id, and select "Installed application" >> Other.

What's your view on this? Any reason why I should choose one of them over the other one?

Thanks so much!

Raul

[Jose Alcérreca (AdSense API Team)]

Hey Raúl,

That's a very good question.

My recommendation is that you use the "Web application" method. It's safer because it's tied to a domain. The downside is that the walk-through for your users has an additional step, as they would have to specify a callback URL in the APIs console and your plug-in would have to listen on that URL.

The installed application method has additional steps that require to open a browser window and many of your users won't have access to one.

What you should never do is distributing your client secret with the plugin, which is the unsafe short-cut.

Cheers!

Jose

---

Jose Alcérreca

Developer Relations

Google UK Limited

Registered Office: Belgrave House, 76 Buckingham Palace Road, London SW1W 9TQ

Registered in England Number: 3977902

[Raúl Mellado]

Thanks Jose, all clear now!

Cheers!