This repository has been archived by the owner on Jun 29, 2020. It is now read-only.
Question: Using the player server side or without access_token #112
Comments
|
I think it's fine to store the access token in the front end as long as you're not exposing your refresh token |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hi, not sure if this is the right place. Please redirect me if i'm wrong 👍
I am creating a small spotify UI with node.js. Until now i could direct all my client side requests to the node js server which would get/update the access_token if the user was logged in.
The web playback audio player requires an access_token on the client side, which is what i am trying to prevent as much as possible mainly for security reasons.
Can i redirect the callback to the nodejs server which adds the access_token there? Does anyone have any suggestions? The main goal is to not have the access_token on the client. If this is a bad idea, please let me know as well :-)
Thank you!
The text was updated successfully, but these errors were encountered: