I am using Laravel for my APIs and its passport module for authentication. I have two client applications: MobileApp and VueApp. I am new to OAUTH2 so, I did some research on this and found that grant_type password will serve my purpose as my application will take the user's email and password and uses its client_id and client_secret to get the access token. If I store the client_secret in MobileApp or VueApp then it will be a security breach. So please help me by letting me know how to overcome this security breach.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire