ForumsDevelopersAPI for desktop apps
API for desktop apps
Author | Message |
---|---|
Simon W |
Hi,
Are there any plans for releasing an OAuth authorization endpoint that is suitable for desktop or open-source apps? The current flow isn't really applicable, because the secret key would have to be embedded in the app and would therefore be susceptible to discovery be a persistent user. Twitter/Google etc. already have these flows and I think they're standardised - are you planning to roll one out here? Thanks, Simon |
Jake Toodledo Founder |
We are considering it.
Right now, the worst that could happen if a persistent user found you secret key is that they could use the API and pretend to be your app. This would skew our internal statistics about which apps are being used, but it wouldnt have an outward facing outcome. Our API is free and will give a secret key to anyone who wants one, so I dont think it's a big security consideration. |
You cannot reply yet
U Back to topic home
R Post a reply
To participate in these forums, you must be signed in.