OAuth 2.0 for Client-Side Web Applications | Authorization | Google Developers SPA
fleeting- Référence externe : https://developers.google.com/identity/protocols/oauth2/javascript-implicit-flow
Applications that use JavaScript to make authorized Google API requests must specify authorized JavaScript origins. The origins identify the domains from which your application can send requests to the OAuth 2.0 server. These origins must adhere to Google’s validation rules.
— https://developers.google.com/identity/protocols/oauth2/javascript-implicit-flow
access Google APIs from a JavaScript web application.
— https://developers.google.com/identity/protocols/oauth2/javascript-implicit-flow
This OAuth 2.0 flow is called the implicit grant flow. It is designed for applications that access APIs only while the user is present at the application. These applications are not able to store confidential information
— https://developers.google.com/identity/protocols/oauth2/javascript-implicit-flow