Home/ Questions/Q 6932841
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T11:45:24+00:00

Looking at Twitter OAuth Libraries , I saw this note: Be cautious when using

  • 0

Looking at Twitter OAuth Libraries, I saw this note:

Be cautious when using JavaScript with OAuth. Don’t expose your keys.

Then, looking at jsOAuth examples, I noticed that the keys are exposed in the code.

So my question is: How it is possible to not expose your keys when you use an OAuth library in Javascript?

Thanks.

UPDATE: Ok, maybe jsOAuth is not the right library to use, but how it is possible to do authentication with OAuth on a full Javascript web site?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    As said in the documentation linked by you:

    Written in JavaScript, jsOAuth aims to be a fully featured open source OAuth library for use in Adobe AIR, Appcelerator Titanium and PhoneGAP. In fact, anywhere that javascript can be used and has cross-domain XMLHttpRequests. For security reasons jsOAuth doesn’t run in the browser. Browsers are only mentioned here for running the test suite. If you need jsOAuth in the browser, write an extension.

    A good answer to your added question is available here:

    • 0