How the idea works in vk.com API?


Warning: count(): Parameter must be an array or an object that implements Countable in /home/styllloz/public_html/qa-theme/donut-theme/qa-donut-layer.php on line 274
0 like 0 dislike
22 views
Hi. I think more correctly would be to ask this question in the Russian-speaking resource. Namely, in vk.com api any application can access user data using access_token. That is, applications 3 such k... mobile can in fact have access to information to which they have access should not have. Is this safe, or can I something do not understand?
by | 22 views

2 Answers

0 like 0 dislike
  1. the user installs the application yourself
  2. The VC asks the user a question: k...mobile app wants access to your data – name, phone, Bank account number, password, online Bank, etc. – lists of the specified permissions
  3. the user accepts or rejects
  4. if agreed, the application turns out it was his access_token, which has access only to the data user (and others public figures)


It is considered safe.

If the VC suspect malicious activity of the application, they "cut off" – all issued by the users of this application will be void at once, it will not be able to make requests to VK API.
by
0 like 0 dislike
https://ru.wikipedia.org/wiki/OAuth

UPD: and what about the specific data the user is allowed access to him. Where's the danger here?
by

Related questions

0 like 0 dislike
2 answers
0 like 0 dislike
4 answers
asked Apr 5, 2019 by timonbandit
0 like 0 dislike
2 answers
0 like 0 dislike
2 answers
asked Mar 22, 2019 by batal
0 like 0 dislike
3 answers
asked May 2, 2019 by Username0
110,608 questions
257,187 answers
0 comments
40,796 users