I am using Javascript SDK. SDK requests include app-id & sec-key to request headers. So, anybody can get access to my app with this id and keys. How can i secure my app?
Because this is major security problem.
Thanks.
I am using Javascript SDK. SDK requests include app-id & sec-key to request headers. So, anybody can get access to my app with this id and keys. How can i secure my app?
Because this is major security problem.
Thanks.
Hi,
we’ve already explained how to secure your app. Please read these topics:
http://support.backendless.com/t/do-not-expose-secret-key-and-application-id-to-public
http://support.backendless.com/t/application-id-and-secret-key-appear-in-request-header
Also please take o look into this page in documentation, about security and user roles:
https://backendless.com/documentation/users/js/users_user_roles.htm
Hope it helps you.
If you have any questions, you can ask me here.
Regards,
Stanislaw