客户端密钥与访问令牌Rails Instagram API
[英]Client Secret vs Access Token Rails Instagram API
问题描述
I'm learning Ruby on Rails and I'm trying to implement Instagram API. 
我正在学习Ruby on Rails,我正在尝试实现Instagram API。
I'm reading through documentation https://github.com/Instagram/instagram-ruby-gem and in the configuration portion it says to put 我正在阅读文档https://github.com/Instagram/instagram-ruby-gem,并在配置部分说它要放
Instagram.configure do |config|
config.client_id = YOUR_CLIENT_KEY
config.access_token = YOUR_ACCESS_TOKEN
end
But I'm currently following a sample application which instead of access_token, it has client_secret like this: 但是我正在关注一个示例应用程序而不是access_token,它有这样的client_secret:
Instagram.configure do |config|
config.client_id = 'YOUR_CLIENT_KEY'
config.client_secret = 'CLIENT_SECRET'
end
Now I'm wondering what the difference is between client secret and access token? 现在我想知道客户端密钥和访问令牌之间的区别是什么?
Thanks 谢谢
1 个解决方案
解决方案1
3 已采纳 2013-04-12 23:01:54
Instagram uses OAuth 2.0 . Instagram使用OAuth 2.0 。
Both the client secret (required) and the access token (optional) are used to sign the Authorization header. 客户机密钥(必需)和访问令牌(可选)都用于签署授权标头。 The client secret is the part of the signing secret that is assigned to the client, while the access token is the part of the signing secret that represents an authorized user. 客户机密钥是分配给客户机的签名机密的一部分,而访问令牌是代表授权用户的签名机密的一部分。
So in general, you'll always need to use the client secret. 所以一般来说,你总是需要使用客户端密钥。 If you're authorized to act on behalf of a specific user, you'll also be using the access token that represents that user. 如果您被授权代表特定用户行事,您还将使用代表该用户的访问令牌。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.