Hi everyone!
I’m creating an ecommerce page and I’m using GET request to load the products into my page from an external app. The thing is, after reading the documentation regarding the API Connector, I was concern about this paragraph:
“WARNING WARNING WARNING : API Connector is client side only and runs in the browser! The API key or Authentication you use will be easily visible to the user! So you should only use limited API keys for public sites or make sure your site is absolutely secured for restricted use only . For example using the Security Provider Enforcer.”
I would like to not expose my API key, but I’m not really sure of how “API Data Source” works, also the data isn’t really “private” because is a webstore, but I’m worried that any malicious person would write a script and do many requests collapsing my app.
Can someone please tell if my concern makes sense and how can I address this issue?
Last updated: