10Ağu
In OAuth 2.0, how is the client secret supposed to be kept secret?
Using most OAuth 2.0 flows, a client application can identify itself to the authorization server by means of a “client id” and “client secret.”
The OAuth 2 specification says that the client secret should indeed be kept secret.
However, …
