I suggest you ...

Mask App/Client Secret Fields in Authentication

Currently the App/Client secret keys in the Authorization/Authentication area of Mobile Services are not masked. Any user with access rights to these resources can see the keys. The problem lies in that these keys need to be used for both development and production environments. So, as an example, if a developer is working in a development environment they will be able to see these key values and the same key values need to be used in the Production environment as well, which causes some potentially serious security concerns. Having these key fields be masked would help alleviate that concern because a developer would never be able to see the actual values entered.

3 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Kent Herbst shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base