In most open platform system, like Facebook, Twitter.

There are three value for client application. AppId,AppKey,AppSecret.

AppSecret is easy to understand. a secret value never show to public, must not be bundled into client application for security.

AppId,AppKey both are used to distinguish client application with others. Both maybe bundled into client application.

I think that AppId/AppSecret pair, or AppKey/AppSecret pair works well for most situation.

Why most platform needs both AppId and AppKey? What's the design purpose?

Now, I think both AppId and AppKey are just a ID, AppId is a number id, AppKey is a uuid. is it right?

0 Answers