I am in the process of creating a web portal for my users, they can currently log in and thats it. I need to connect to a REST API with oauth2 to pull through some data for them to see but I don't want my authentication credentials to be exposed.
Is the only way to achieve this to use a server side application? If so/not what strategies should I be looking at to achieve this? Thanks.
The 3rd party service requires an OAuth2 secret, and you need to send it over the wire somehow. If you don't want this secret exposed, you can't do it from the browser, this only leaves server-side options.