Re: Is OAuth 2.0 really secure for installed applications?
12 views
Skip to first unread message
Jorge Canizalez
Jun 21, 2013, 1:25:03 AM6/21/13
to google-ajax...@googlegroups.com
Hi Stanislav,
On Sunday, June 9, 2013 4:18:55 PM UTC-7, Stanislav Ivanov wrote:
as you supposed, there's no way to keep a client secret in the code of an installed application from being revealed. I'm not a security expert, but I know that installed apps use OAuth2 successfully. You can read more on it here.
Hope it helps!
Jorge
Google APIs Engineer
On Sunday, June 9, 2013 4:18:55 PM UTC-7, Stanislav Ivanov wrote:
I'm trying to create a mobile application that utilizes Google API using OAuth 2.0. But I'm concerned if someone can use my client secret keys by reverse engineering my application or outgoing requests from the application to Google API and send requests on behalf of my application.Is there a way to prevent revealing of my client secrets?
Reply all
Reply to author
Forward
0 new messages