Y
Hacker News
new
|
ask
|
show
|
jobs
by
vrv
392 days ago
Agreed, OAuth is certainly preferred for many reasons, but replace "API keys" with "OAuth access tokens" and you have the same fundamental challenge of ensuring an LLM or untrusted code never has access to the user's secrets.