The applying top secret that you choose to produced during the app registration portal for the application. Don't use the applying top secret in a native application or single page application because a client_secret cannot be reliably saved on gadgets or web pages. It's needed for Net apps and World-wide-web APIs, which may store the client_secret