Prismic - How to make API calls without exposing Access Token Prismic - How to make API calls without exposing Access Token vue.js vue.js

Prismic - How to make API calls without exposing Access Token


javascript node.js vue.js oauth prismic.io

You'd have to store your access token on your server and make it process the requests on behalf of the client.

In the end, you'd send requests to your server instead of directly to prismic.io, your server will then send the access token authorized request, fetch whatever you need and return it back in response to the client.

The work flow would look like this:

  1. Client sends request to i.e. http://localhost:8000/api/endpoint
  2. Server sends request to prismic.io endpoint associated with the above endpoint.
  3. Server gets prismic.io response and sends it back to the client.
  4. Client gets the response.

If you want to hide your access token client-side, then it's impossible. To protect your access token the other two options are:

  1. Make users use their own prismic.io access tokens.
  2. Allow access only to authorized users.

The two options above are probably not what you want, so setting up a proxy server is what's left.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last