Mar 26 2021 10:09 AM
If a website uses OAuth2 to authenticate on several pages (Contact page, PayPal IPN call-back, purchase notification to buyer and so on), is it regarded as best practice to use different ClientSecrets on each such page or even (if more granular permissions were needed) different app (Client) IDs as well?
Jun 27 2021 10:50 PM