Creating a secure login process between your app and server ... | line login api javascript
ThispageexplainshowtosecurelyhandleuserregistrationandloginwhenimplementingLINELogininyournativeappusingtheLINESDK[1].InformationthatssafetosendandreceiveWhenauserlogsintoyourappviaLINELogin,theclientappandservercansendandreceivethisinformationfromtheLINEplatform:❌Userprofiledetails❌ChannelIDsHowever,informationsuchastheaboveisvulnerabletospoofingandotherkindsofattacks.Forexample,itsdangerousforyourservertoblindlytrustthisinformationwhenyourclientsendsit.Instead,yourclientshouldsendthisdatat...
This page explains how to securely handle user registration and login when implementing LINE Login in your native app using the LINE SDK[1].
Information thats safe to send and receiveWhen a user logs in to your app via LINE Login, the client app and server can send and receive this information from the LINE platform:
❌ User profile details ❌ Channel IDsHowever, information such as the above is vulnerable to spoofing and other kinds of attacks. For example, its dangerous for your server to blindly trust this information when your client sends it. Instead, your client should send this data to your server:
✅ Access tokens ✅ ID tokensThese tokens enable your server to get reliable information directly from the LINE Platform.
How to use this page
This section explains the design concepts we recommend for using the LINE SDK. They are guides, not templates. Be sure to build a safe system with a full understanding of the dangers.