Overview#

Client Secret (OAuth 2.0) is a secret used by the OAuth Client to Authenticate to the Authorization Server.

The Client Secret is a secret known only to the OAuth Client and the Authorization Server.

Client Secret must be sufficiently random to not be guessable.

Developers must never embed their Client Secret in an OAuth Public Client (a mobile or browser-based app), because anything shipped to the user can be extracted. Some folks suggest that using a longer string for the Client Secret is a good way to signal this, or prefixing the Client Secret with “secret” or “private”.[2]

Client Secret and Entropy[1]#

One method of generating a secure Client Secret is to use a cryptographically secure pseudorandom number generator library to generate a 256-bit value and convert it to a hexadecimal representation.

A good sample Client Secret which is 86 characters:

GBAyfVL7YWtP6gudLIjbRZV_N0dW4f3xETiIxqtokEAZ6FAsBtgyIq0MpU1uQ7J08xOTO2zwP0OuO3pMVAUTid

The reason for this length is that I wanted to support 512 bits for symmetric signature and encryption algorithms. For instance, I wanted to support HS512 as a signature algorithm for JSON Web Encryption. Because Client Secrets have to have an entropy of 512 bits or more to support HS512, the length of the example above is 86, which is the result of encoding 512-bit data using base64url.

Regarding entropy for symmetric-key signature and encryption algorithms, Section 16.19 (Symmetric Key Entropy) of OpenID Connect Core 1.0 states as follows:

In Section 10.1 and Section 10.2, keys are derived from the client_secret value. Thus, when used with symmetric signing or encryption operations, client_secret values MUST contain sufficient entropy to generate cryptographically strong keys. Also, client_secret values MUST also contain at least the minimum of number of octets required for MAC keys for the particular algorithm used. So for instance, for HS256, the client_secret value MUST contain at least 32 octets (and almost certainly SHOULD contain more, since client_secret values are likely to use a restricted alphabet).

In addition, Section 3.1 (alg (Algorithm) Header Parameter Values for JWS) of RFC 7518 (JSON Web Algorithms) lists HS256 (HMAC using SHA-256) as an algorithm that JWS implementations are required to support. As a logical consequence, any implementation claiming compliance with OpenID Connect must be able to generate Client Secrets with an entropy of 256 bits or more.
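The two constructions above (a 256-bit value rendered as hex, and a 512-bit value rendered as unpadded base64url, which gives 86 characters) together with the minimum-octet rule from OpenID Connect Core 16.19, worked through in Python as an added example that is not code from the original page. The function names are my own; the key derivation follows OpenID Connect Core 10.1, where the HMAC key is the UTF-8 octets of client_secret itself, which is why the check also takes the entropy the generator actually put in, since octet length alone cannot tell a 64-character hex string (256 bits) from a 64-character random-byte string (512 bits).

```python
import base64
import hashlib
import hmac
import secrets

# Minimum MAC key length in octets for the HMAC JWS algorithms of RFC 7518
# (the key must be at least as long as the hash output).
MIN_OCTETS = {"HS256": 32, "HS384": 48, "HS512": 64}
DIGESTS = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}


def generate_client_secret(entropy_bits: int = 512) -> str:
    """Return a client_secret carrying `entropy_bits` of CSPRNG entropy,
    encoded as unpadded base64url (512 bits -> 86 chars, 256 bits -> 43 chars)."""
    if entropy_bits % 8:
        raise ValueError("entropy_bits must be a multiple of 8")
    raw = secrets.token_bytes(entropy_bits // 8)  # os.urandom-backed CSPRNG
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def client_secret_key(client_secret: str) -> bytes:
    """OpenID Connect Core 10.1: the symmetric key is the UTF-8 octets of
    the client_secret string itself, not a decoded form of it."""
    return client_secret.encode("utf-8")


def check_client_secret(client_secret: str, alg: str, entropy_bits: int) -> list:
    """List the problems with using `client_secret` as the key for `alg`.
    `entropy_bits` is the entropy known by construction from the generator
    (e.g. 256 for a 64-char hex secret); it cannot be measured from the string."""
    problems = []
    octets = len(client_secret_key(client_secret))
    if octets < MIN_OCTETS[alg]:
        problems.append(f"{alg} needs at least {MIN_OCTETS[alg]} octets, got {octets}")
    if entropy_bits < MIN_OCTETS[alg] * 8:
        problems.append(f"{alg} needs at least {MIN_OCTETS[alg] * 8} bits of entropy, got {entropy_bits}")
    return problems


def sign_hs(alg: str, client_secret: str, signing_input: bytes) -> bytes:
    """HMAC over a JWS signing input using the client_secret-derived key."""
    return hmac.new(client_secret_key(client_secret), signing_input, DIGESTS[alg]).digest()
```

A 64-character hex secret passes the 64-octet length rule for HS512 but carries only 256 bits of entropy, which is exactly the gap the spec's "restricted alphabet" remark warns about.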

This page (revision-6) was last changed on 03-Jul-2017 09:37 by jim