I am using Laravel for my APIs and its passport module for authentication. I have two client applications: MobileApp and VueApp. I am new to OAUTH2 so, I did some research on this and found that grant_type password will serve my purpose as my application will take the user's email and password and uses its client_id and client_secret to get the access token. If I store the client_secret in MobileApp or VueApp then it will be a security breach. So please help me by letting me know how to overcome this security breach.
from Newest questions tagged laravel-5 - Stack Overflow https://ift.tt/2nSvtu0
via IFTTT
Aucun commentaire:
Enregistrer un commentaire