Re: Online Services API Keys



On Wed, 2016-12-14 at 10:11 -0500, Shaun McCance wrote:
The GNOME Foundation board has a password-protected area of the wiki
that only board members and employees have access to. That's eight
people, nine after we finally hire an ED. Would that be a good place
to keep a backup?

        Hi,
I see I forgot to explain something. As it is done in the Google case
(and I believe also for other OAuth(2) services) a developer creates a
project on the Google site and that project receives a pair of
id/secret, which is used to identify the project (application), which
asks for the OAuth(2) token with user's credentials. This id/secret
pair is semi-private, it can be found in the source code. The Google
web site allows to add more people into the project, in which case more
people can change settings of the id/secret pair on the web site as
needed.

That is that, in the case of the Google, there might be a Google
account which could be added to the projects and this Google account
will be tight to the entity, not to an individual.

I hope I made it clearer. In case I misunderstood your comment, I'm
sorry.
        Bye,
        Milan


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]