I'm developing a web app which authenticates against a 3rd party service using oAuth. The 3rd party supplied me with an app secret and an app id.
The app code is supposed to live on github. Now, I don't want to push my app id and secret to github. The app itself is supposed to be deployed on either AWS or OpenShift.
What options do these (and other) cloud computing providers offer to store credentials like that? What other options are there?
I expected them to have like a secret store, and an API to access that store from my app's code, but I wasn't able to find anything.
Aucun commentaire:
Enregistrer un commentaire