OmniAuth uses “secrets” but the concept is nowhere explained. It’s obviously too trivial.
I guess it is, if you are once just being told what it means.
I also know some talk about a users “secret” in the context of Rails credentials. There is only a very short official Guide on it.
client_id REQUIRED. The client identifier issued to the client during the registration process described by Section 2.2. client_secret REQUIRED. The client secret. The client MAY omit the parameter if the client secret is an empty string.
How do I obtain that part of a users credentials or how do I generate a valid secret?
Is by “secret” the same thing meant as by “digest” ?
Also I have read about “server-side secrets” and “client-side secrets” I think.
I am new to security concepts, also in Rails.