genetic-orange (16mo ago)

Refine OAuth security

Hi, so it does not seem to be a security best practice to expose GOOGLE_CLIENT_ID to the user code. Google docs say that both client_id and secret_key are considered privileged data and should be secured. So I am wondering about the security of the Google Auth example that you guys have. Any concerns here about leaking GOOGLE_CLIENT_ID publicly?
4 Replies
kapa.ai (16mo ago)
Hi @davidd4309. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:
kapa.ai (16mo ago)
Hmm, I don't know enough to give you a confident answer yet. However, I can provide you with some resources that might help you understand the security aspects of using Google Auth with refine:

1. Google Auth Example in Refine (https://refine.dev/docs/examples/auth-provider/google-auth)
2. Supabase Google Auth Configuration (https://refine.dev/docs/advanced-tutorials/data-provider/supabase#enable-google-auth-on-supabase)

Please review these resources and consult the official Google documentation for best practices on securing your Google Client ID and Secret Key.

Note: you can ask me a follow up question by @ mentioning me again :speech_balloon:
harsh-harlequin (16mo ago)
Yes, I suggest you also get GOOGLE_CLIENT_ID from env, and it should be hidden from other users. We share our GOOGLE_CLIENT_ID publicly because these are not production apps and we want users to be able to easily test our apps.