What is an acceptable way to store the secret?

Knorkor · February 17, 2020, 11:47pm

Was toying around with Python and EveApi for excrements and giggles. It works nicely, however, one issue remains. How are you going to deliver your application to the end user with the secret in the files? A sqlite database is not good enough to store it. Anyone knowing a little bit about Python and SQL can get it out. Even if I store a parity bit field in a DLL and the other bit half in my python script, at some point I need to construct the secret.

So, what is an acceptable way to store it in the eyes of CCP? Should I avoid Python? Use something that can be obfuscated better like C++? Use a sqlite db and pray? I really don’t want to pay for a server in the long run.

Blacksmoke16 · February 18, 2020, 12:03am

Checkout https://docs.esi.evetech.net/docs/sso/native_sso_flow.html. The OAuth flow is different for desktop apps which i’m assuming you’re talking about.

Knorkor · February 18, 2020, 12:09am

Ah okay. Thanks. Was following an older tutorial. Gonna work through that tomorrow :).

system1 · May 18, 2020, 12:09am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Security question - Storing tokens Third Party Developers	7	531	May 4, 2018
Back to api or choice use sso/api General Discussion	4	446	March 23, 2019
Few questions before gettings my hands on that IDE Third Party Developers	4	374	June 3, 2019
Question about keyid and verification code Third Party Developers	3	1306	January 3, 2018
Alternative to O.smium? New Citizens Q&A	8	1016	February 26, 2018

What is an acceptable way to store the secret?

Related topics