https://stackoverflow.com/questions/22776450
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianThere is a separate workflow for using OAuth2 on installed applications or devices.
See link below to relevant google documentation
Use Google OAuth 2.0 refresh token without client_secret
-
25-06-2023 - |
Question
So I know it is bad to store the client_secret in a client side app (in my case a mobile app); however, the below link is the only link which describes how to use your refresh token for Google OAuth 2.0 and it requires the client_secret.
https://developers.google.com/accounts/docs/OAuth2Login#refresh-tokens
My question: Is it possible to use Google OAuth 2.0 in a client side app without using/storing the client_secret? I know that Windows Live Connect's flavor of OAuth 2.0 allows you to refresh your token without specifying the client_secret, but I have not yet discovered a way to do this with Google's API.
Any thoughts?
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
