Application Keys

Topics: Developer Forum
Feb 11, 2010 at 12:04 AM

I'm confused as to how to create a distributable desktop application without yielding keys.  If I distribute the application, then anyone looking at source code will see the keys.  Do I need to strip them out and have users get their own?  I have authentication working just fine using a frob and redirecting for user permission, but I'd like anyone to be able to use the application without worrying about my key.  Isn't this a security problem?  I know this isn't FlickrNet's problem, but I just want to make sure that I'm not missing something and I hope someone on here can address it.

Thanks!

-Arian

Coordinator
Feb 11, 2010 at 8:55 AM

No, you're not missing something. Your API Key and secret will be embedded in your code and anyone using Reflector can read it if they wanted to.

That's just the way it works I'm afraid. There is no real way to stop this from happening with a .Net desktop application.