You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Lock does not need the client secret, nor can it use it in any way. The client secret in this plugin is used to make Auth0 API calls such as sending verification emails or exchanging OAuth codes for tokens.
@cancan101 I think @rolodato was clear. It is needed to make api requests from the backend. Lock doesnt use the secret for ovbious security reasons, but is always needed in the backend.
The lock should be able to function with a redirect without needing the client secret at all.
The text was updated successfully, but these errors were encountered: