The appliance top secret that you choose to created in the app registration portal to your application. Don't use the applying top secret in a native application or one webpage application simply because a client_secret can't be reliably stored on gadgets or Web content. It is really expected for World wide web applications and World-wide-web APIs,