What is the right way to identify client application (mobile or js web app) which can't store API keys securely? OAuth's client_id and client_secret seems to be useless for this kind of clients.
Aucun commentaire:
Enregistrer un commentaire