更新时间:2022-06-18 22:10:42
JavaScript应用程序被所谓的 公共客户的中的OAuth 2.0。它基本上意味着他们不能保守秘密,因此,你的不能做客户端(应用程序)的授权。
JavaScript applications are what are called 'public clients' in OAuth 2.0. It basically means they cannot keep secrets and therefore you cannot do client (application) authorization.
因此,如果您使用的是JavaScript应用谈谈您的API,你需要做的用户身份验证,并给予用户访问您的API。或切换到一个服务器端应用程序访问你的API。
So, if you are using a JavaScript application to talk to your API, you'll need to do user authentication and give users access to your API. Or switch to a server side application to access your API.