Desktop Application w/o Secret Key

Aug 9, 2009 at 2:56 AM

Hi! I'm developing a desktop facebook application. I was able to make it work succesfully suing the facebooktoolkit. Great API!

However, the current code requires me to put the secret key in the binary. Facebook warns against this. I've not seen an example that lets me authenticate using another server to get the token. Is this not supported in the current API? Thanks!


Aug 10, 2009 at 3:00 AM

Either you place the Secret in app.config file, or you can simply make a web page (say .aspx) that does something like htis, document.write("Session Key Here")  and you place that page on a webserver of your own and from the binary file, call this webpage to get the secret key, optinoally you can write the encrypted key and decryp within binary, your key is preserved at the server.



Aug 10, 2009 at 4:39 AM

thanks for the answer. i do already have some server code that provides an auth token and gets a session key from facebook. This was explained clearly in the facebook documentation.

What is not clear to me (and my question is), how this would be done in the current facebook developer toolkit API. Is this even supported? Or do I have to roll out my own? Thanks!