client_secret

RU: client_secret

A shared secret issued by the authorization server to a confidential client at registration, used to authenticate the client at the token endpoint. It must never be embedded in public clients (SPAs, native apps) where it cannot be kept confidential.