Do I need to keep my access token secret
Pergunta
I'm using the actionscript api for a flash application on the web. I would like to perform actions which require an access token, but I'm unsure of the security implications of using this in flash (which can be decompiled). Is the access token something I need to keep secret?
N.B. Specifically I'm trying to post game achievements which require the app's access token to be passed. But I'm not sure how I can do this securely from flash (or whether this is not an issue).
Solução
Use the client side flow guidelines from Facebook for authentication: https://developers.facebook.com/docs/authentication/client-side/
Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow