Reputation: 12940
Is Facebook Hash key for android secret
I wanted to know if the secret key used for Facebook SDK on Android should be kept a secret. Can I show it to users as part of a bug report?
Upvotes: 0
Views: 274
Answers (2)
Reputation: 15533
The hashkey is only meaningful to the apps which are signed with the same certificates. So if you don't share your keystore/certificate, there is noting to worry about.
Upvotes: 0
Reputation: 10342
In your code Facebook SDK only use your Facebook App id. And you put the hash key to the Facebook Developer web page.
This way facebook ensures the calls from the specific app id only calls from the authorized application. This way, no one can act as your application.
Even if you give the hash and some malicious user tries to mock your application, facebook will hash that app's sign key and the two hash values won't match and there will be no problem.
Upvotes: 2
Related Questions
- Key hash for Facebook login in android
- Hash key for android facebook app
- android hash key
- Facebook + Android Key Hashes
- Android. Key hash for Facebook login
- Facebook key hash for Android
- What is an Android key hash?
- Facebook Android Hashkey
- Secret key when use Facebook SDK for ANdroid
- Use of the Facebook App Key Hash