Not exposing app key and using user token instead

To make API calls we need to add our app ID and key to the JavaScript. The problem is that by exposing the key we give anyone access to change our application data. I tried to use the user token process, but I’m always receiving a forbidden access (403) on my calls. I was wondering if anyone was able to make it work without having to set up a server just to retrieve the authorization on each call?

Can you please share your solution?


You must fetch data from scenes and views instead of objects for this, and that scene is accessible for logged-in users.

Sunny Singla