Hi!
I have a question regarding the “correct” use of the “getAccessTokenSilently” function.
As I understand it, I get a token here and it is stored in memory and then read from there when it is needed. I am currently using my own Axios instance, which has an interceptor function and writes the token to the header. But theoretically, this token could be intercepted by anyone in the frontend, couldn't it? I would therefore like to know what would be the best way to make the whole thing reasonably secure.
Sorry if this is the wrong subcategory!
Thanks in advance!
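The setup described in the post, as an added example that is not part of the original post or of Auth0's or Axios's code: a request interceptor that asks `getAccessTokenSilently` for the token on each request, keeps no copy of its own, and attaches the header only when the request goes to the API origin. `API_ORIGIN`, `targetsApi`, `makeAuthInterceptor` and the request configs used with them are assumptions made for illustration.

```javascript
// Added example. API_ORIGIN is a constructed placeholder for the API the
// access token was issued for.
const API_ORIGIN = "https://api.example.com";

// Decide whether a request config points at the API origin.
// An absolute or protocol-relative `url` overrides `baseURL`, so the check
// is made on the resolved URL, not on `baseURL` alone.
function targetsApi(config, apiOrigin = API_ORIGIN) {
  try {
    const resolved = new URL(config.url || "", config.baseURL);
    return resolved.origin === apiOrigin;
  } catch {
    // Relative URL without a baseURL, or unparsable input: attach nothing.
    return false;
  }
}

// Build an Axios-style request interceptor. `getAccessTokenSilently` is the
// function from the Auth0 SDK, passed in so that this module never stores
// the token itself (no localStorage, no module-level variable).
function makeAuthInterceptor(getAccessTokenSilently, apiOrigin = API_ORIGIN) {
  return async function attachToken(config) {
    if (!targetsApi(config, apiOrigin)) {
      return config; // third-party or same-page request: no Authorization header
    }
    const token = await getAccessTokenSilently();
    config.headers = config.headers || {};
    config.headers.Authorization = `Bearer ${token}`;
    return config;
  };
}

// Wiring, assuming `api` is the Axios instance from the post:
//   api.interceptors.request.use(makeAuthInterceptor(getAccessTokenSilently));
```

The origin check keeps the token off requests that a mistyped or attacker-influenced absolute URL would send elsewhere. It does not protect against script injected into the page itself, which can call the same SDK function.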