How to secure the app's secret key when used in client side javascript?

0 votes
Hello,

I was exploring how to use your User Login api from javascript using the samples provided in your App42_JAVASCRIPT_SDK-master.  

I see that "YOUR_SECRET_KEY" is stored in javascript, so it can be read by anyone who browses that page.  So obvious this is not secure.

Do you have a solution for protecting the secret when using javascript on client?
asked Jul 11, 2014 in Discuss & suggest API by shephertzdev (10 points)

1 Answer

0 votes

Hello,

Thanks for writing to us.

You can definitely secure your App by applying ACL either on User Data or Method Level Calls. On a Method Level, you can create a separate key for your App and give access to required methods for that key. ACL app are more secure in the way that one app user cannot access data of another user until user gives permission to access it.

Kindly follow the link which helps and provide a detailed information for securing your app information.

Let me know if it helps.

Thanks

answered Jul 11, 2014 by hs00105 (517 points)
Download Widgets
Welcome to ShepHertz Product line forum, where you can ask questions and receive answers from the community. You can also reach out to us on support@shephertz.com
...