Securely sending Oauth credentials in a Web App

Discussion in 'General Programming Chat' started by ragnarkar, Apr 22, 2016.

  1. ragnarkar

    ragnarkar Registered Member

    Aug 19, 2015
    Likes Received:
    I'm thinking of making a web app that'll help other IMers with their social media accounts (i.e. connecting to their Twitter/Tumblr accounts and making recommendations for people to follow that are likely to follow back, for example.)I've written apps like this in Python and it seems many others have also written similar programs and released them. In order for an end user to connect to their social media accounts with these apps, they simply enter their Oauth credentials into a text file provided and the app will read them and connect to their account.Unfortunately, this sort of setup won't fly for a web app. I don't think many people will feel secure giving their Oauth tokens and keys to some random app on the web. And I've seen other similar but more professionally designed Social Media helper web apps like Unfollowers and Copromote which will ask you to connect to your Twitter, Tumblr, Facebook, etc. accounts to retrieve your info.I'm a bit new to web programming so I'm wondering what is this concept called where your web app can securely access the end user's Oauth credentials without having to manually enter them into your web app (or to worry about them being leaked)?
    Last edited: Apr 22, 2016