"The process results in a client ID and, in some cases, a client secret, which you embed in the source code of your application. (In this context, the client secret is obviously not treated as a secret.)"
from developers.google.com/identi…
I'm confused.
2
Good find... that is a really confusing sentence. I'm going to try to track that down and see if they can remove it.
1
1
BTW, the reason I found this sentence is because the documentation for the "httr" R package linked to it cran.r-project.org/web/packa…
1
oh wow yeah, I can see how that would be incredibly confusing. Well for the record, OAuth secrets are absolutely supposed to be secret, and we have different solutions for deployments that can't keep secrets.
Aug 27, 2019 · 3:46 AM UTC
1
2