Last post Mar 04, 2018 12:00 PM by mgebhard
Mar 04, 2018 11:32 AM|RateFor|LINK
To allow users to login to my site using facebook, google, and Microsoft, I have to store a clientID for these services. This is not the clientID of my users, its a clientID that I create for each service for my website.
Suppose a hacker gets access to these 3 client-ids (facebook, Google, Microsoft).
Can he compromise user information?
Mar 04, 2018 12:00 PM|mgebhard|LINK
The Client ID and Secret identifies your application not the users. Plus the return URL must match your site URL.
The hacker needs a username and password to change user information.