|
|
|
|
|
|
by evansd
4074 days ago
|
|
|
I've found the Insync client works pretty well. I asked them about OAuth token usage at one point and this was the response I got: > The "refresh token" does not leave the user's machine. This is the permanent token that we use to generate an "access token", a transient token (expires in an hour) that is used for actually communicating with the Google APIs. We sometimes send an "access token" to our servers for verification purposes, but we never store them (and they expire anyways). Obviously it would be better not to have to trust a third-party at all, but it doesn't seem like you have to completely hand over the keys to the kingdom. |
|
|