React Authentication with Twitter, Google, Facebook and Github

by Jesse Heaslip
Published a year ago

To interact with an OAuth provider you need API keys. For security reasons, those keys must be kept private on a server. However, if you are following modern development practices your React app is likely completely decoupled from your server and running on a different port or domain. So how can we solve this communication gap between an OAuth provider that needs the keys and the React client that can't keep those keys private?