But it'll be like your access token will become vulnerable from extraction if you build your single-page React application directly with Contentful.
Is there any way to secure our access tokens without building another backend application and just use Contentful directly as our backend?
for that you can use .env files to save your token. I was simplifying the app as best as I can.
But I guess, the token that's stored on your ".env" file will become visible on your single-page React web application's script because it'll be used to fetch your Contentful space' entries?
Look at this: contentful.github.io/gallery-app-r... That's the bundle script of: contentful.github.io/gallery-app-r... On that bundle script, you can easily see the tokens...
Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment's permalink.
Hide child comments as well
Confirm
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
But it'll be like your access token will become vulnerable from extraction if you build your single-page React application directly with Contentful.
Is there any way to secure our access tokens without building another backend application and just use Contentful directly as our backend?
for that you can use .env files to save your token. I was simplifying the app as best as I can.
But I guess, the token that's stored on your ".env" file will become visible on your single-page React web application's script because it'll be used to fetch your Contentful space' entries?
Look at this: contentful.github.io/gallery-app-r...
That's the bundle script of: contentful.github.io/gallery-app-r...
On that bundle script, you can easily see the tokens...