How to store client id and secret in html / js clients for OAuth 2.0

I recently implemented OUTH 2.0 (with tastypie ) to my API. Now I am creating emberjs based on JS client. How can I securely store Client ID and Client Secret? Local storage, which I would guess, doesn't help, as the user can just get the client id and secret easily. The same goes for storing cookies. I've been trying to research best practices for a while, but I can't find anything. Any thoughts on how others are solving this problem? Any resources would be much appreciated.

+3
security oauth-2.0


source to share


No one has answered this question yet

Check out similar questions:

548
How is OAuth 2 different from OAuth 1?
544
How does OAuth 2 protect against things like replay attacks using a security token?
210
OAuth 2.0: Benefits and Use Cases - Why?
70
How to keep the privacy of an OAuth consumer safe and how to react when it is compromised?
68
How to keep client credentials private using the OAuth2 Resource Owner account grant type
68
OAuth 2.0 client secret
2
OAuth 2.0 client ids in Django / tastypie implementation
0
OAuth 2.0 authorization code flow using javascript
0
OAuth client id and secret handling
0
OAuth 2.0 public client impersonation



All Articles
Loading...
X
Show
Funny
Dev
Pics