How do client-side JS libraries for OAuth2 maintain secure authentication?
There’re flows in OAuth2 that don’t require a secret (e.g. implicit flow is typically used for JS based clients, SPAs, etc). Not all providers support this flow though, so in those situations you need a server side component that negotiates that for you and then handles the interactions with your front-end/device. In any case, you … Read more