How to pass OpenAI token securely to website?

Question

I'm just doing a project requiring a user's OpenAI token (using mine will be expensive), but I expect low conversion because most people think I want to steal their tokens. How do we guarantee the user that nothing wrong will happen with their tokens?

RockCoach · Accepted Answer

There are a few discussions around this issue on https://community.openai.com/
The commonly recommended approach is to use an OAuth procedure: https://platform.openai.com/docs/plugins/authentication
I haven't yet done this myself, but maybe the links from above will help you solving the issue.
Also, have you tried asking ChatGPT itself?

souvlakee · Answer

Also, my project is open-source. However, not everybody wishes to check how the app's backend works. Plus, there are things like CI/CD, which is a hidden part, so I can potentially modify code and steal tokens on that side, meaning that open-sourcing is not the solution.