Hello Alex and Tom, I am not sure, where native apps hold the "app secret" for the OAuth.
For Facebook you can use its native Android/iOS SDKs... But for other social networks you have to use the OAuth flow. I was just trying to make the point that sometimes you don't have other options than to hide something in the app... And Tom's suggestion to proxy authentication through a server isn't good because it defeats the easyness of OAuth (the user has to register username/password at your server first) Regards Alex On Tue, Feb 25, 2014 at 6:59 PM, Alex Harui <aha...@adobe.com> wrote: > Where do native apps keep the "app-secret" if it isn't supposed to be in > client-side code? >