diff --git a/docs/discord-social-sdk/core-concepts/oauth2-scopes.mdx b/docs/discord-social-sdk/core-concepts/oauth2-scopes.mdx
index 32a45f30c1..4c9ef8ebc8 100644
--- a/docs/discord-social-sdk/core-concepts/oauth2-scopes.mdx
+++ b/docs/discord-social-sdk/core-concepts/oauth2-scopes.mdx
@@ -62,12 +62,12 @@ See [available OAuth2 scopes](/docs/topics/oauth2#shared-resources-oauth2-scopes
## OAuth2 Client Types
-OAuth2 has two client types: **Public** and **Confidential**. Most games will not want to ship with **Public Client** enabled.
+OAuth2 has two client types: **Confidential** and **Public**. Most games will not want to ship with **Public Client** enabled.
Some Social SDK methods require your Discord application to be a **Public Client**. These methods also have server-side alternatives that you can use with a **Confidential Client**.
-- Public clients cannot securely store client secrets.
- Using confidential clients with proper secret management for production applications is generally recommended.
+- Public clients cannot securely store client secrets.
- Your security team should review this setting and authentication flows before releasing your game.
[Learn more about OAuth2 client types](https://oauth.net/2/client-types)
diff --git a/docs/discord-social-sdk/development-guides/account-linking-with-discord.mdx b/docs/discord-social-sdk/development-guides/account-linking-with-discord.mdx
index 99b71aeb5b..ae5b12799c 100644
--- a/docs/discord-social-sdk/development-guides/account-linking-with-discord.mdx
+++ b/docs/discord-social-sdk/development-guides/account-linking-with-discord.mdx
@@ -108,25 +108,6 @@ Once the user approves the request from Step 2, Discord will redirect the user b
#### Token Exchange for Public Clients
-
-
-If your app does not have a backend server, enable `Public Client` in the Discord Developer Portal and use [`Client::GetToken`] to automatically exchange the authorization code for a token.
-
-We will also need the code verifier used to generate the code challenge in Step 1.
-
-```cpp
-client->GetToken(YOUR_DISCORD_APPLICATION_ID, code, codeVerifier.Verifier(), redirectUri,
- [client](discordpp::ClientResult result,
- std::string accessToken,
- std::string refreshToken,
- discordpp::AuthorizationTokenType tokenType,
- int32_t expiresIn,
- std::string scope) {
- std::cout << "🔓 Access token received! Establishing connection...\n";
- // Next step: Update the token in the client and connect to Discord
- });
-```
-
#### Server-to-Server Get Token Exchange
If your application uses a backend server and does **not** have `Public Client` enabled, you can manually exchange the authorization code for an access token using the Discord API.
@@ -162,6 +143,25 @@ def exchange_code(code, redirect_uri):
}
```
+
+
+If your app does not have a backend server, enable `Public Client` in the Discord Developer Portal and use [`Client::GetToken`] to automatically exchange the authorization code for a token.
+
+We will also need the code verifier used to generate the code challenge in Step 1.
+
+```cpp
+client->GetToken(YOUR_DISCORD_APPLICATION_ID, code, codeVerifier.Verifier(), redirectUri,
+ [client](discordpp::ClientResult result,
+ std::string accessToken,
+ std::string refreshToken,
+ discordpp::AuthorizationTokenType tokenType,
+ int32_t expiresIn,
+ std::string scope) {
+ std::cout << "🔓 Access token received! Establishing connection...\n";
+ // Next step: Update the token in the client and connect to Discord
+ });
+```
+
---
## Working with Tokens