-
|
currently, I'm sending the access token from the server to only logged-in users but, I feel this approach is not ideal and actually might be dangerous do you have any suggestions on how to secure the Mapbox access token? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
I think you're doing it quite safe already. This way a compromised token can be renewed. You could add a layer of encryption to decrypt the keys on the client. But I the end, if someone wants to, the token can be obtained. What are you most worried for? |
Beta Was this translation helpful? Give feedback.
-
|
Oh and make sure you're using https to connect your server, but I hope/assume it already is 🤞 |
Beta Was this translation helpful? Give feedback.
-
|
Hi @mattijsf, Thank you for your quick response 🙏
I was worried because I'm sending this sensitive data over the Internet and wanted to make sure that what I'm doing is safe. now that someone with more experience confirms it I'm less worried. Thanks again |
Beta Was this translation helpful? Give feedback.
I think you're doing it quite safe already. This way a compromised token can be renewed. You could add a layer of encryption to decrypt the keys on the client. But I the end, if someone wants to, the token can be obtained.
What are you most worried for?