Why is it a bad idea to use ClientLogin for web apps in the Google API?

Posted by Onema on Stack Overflow See other posts from Stack Overflow or by Onema
Published on 2010-02-09T02:03:29Z Indexed on 2010/03/31 20:53 UTC
Read the original article Hit count: 230

I just picked up the Google API today to allow some users of our site to upload videos to our own organization YouTube account. I Don't want our users to know our user name and password, but rather give them the option if they want to upload videos to youtube or not. If they choose to do it, they check on a check box and hit the submit button.

I keep seeing over, and over in the Developers guide that ClientLogin, which to me looks like the best option to implement what I want to do, is not a good idea for user authentication in web applicaitons. The "AuthSub for web applications" doesn't seem to be the best mechanism for what I want to implement!

Any ideas on what to do?

Thank you

© Stack Overflow or respective owner

Related posts about google-api

Related posts about user-authentication