woocommerce_dart icon indicating copy to clipboard operation
woocommerce_dart copied to clipboard

Published 20 hours ago verified publisher icon samarthagarwal

Security concern on saving secret in app

Open jjteoh-pingspace opened this issue 3 years ago • 2 comments

Hi I am new to mobile development, sorry if I asked a dumb question.

Isn't that saving consumer secret in the app is a bad practice and potentially lead to security breach?

jjteoh-pingspace avatar Aug 24 '21 06:08 jjteoh-pingspace

Yeah, it is not completely safe but the other way would be to implement a backend middleware server that will talk to the WooCommerce backend on the behalf of your app.

samarthagarwal avatar Aug 24 '21 06:08 samarthagarwal

Hi I am new to mobile development, sorry if I asked a dumb question.

Isn't that saving consumer secret in the app is a bad practice and potentially lead to security breach?

My solution for encapsulate all secrets & exposable constants is to use a pre-load api to get those field from a private firebase server, or get them from a server to the device and initiate the app with those constants before calling any other API.

quydau35 avatar Mar 04 '22 08:03 quydau35