storefront-api-examples Is it secure to store API keys on the customer with unauthenticated_read

Is it secure to store API keys on the customer with unauthenticated_read_customers?

Open achadee opened this issue 3 years ago • 0 comments

Hi there,

We have an API that we want to integrate with our shopify customers. As far as I can see it is secure to store the metafields, because to access the metafields you need to provide a shopify customer access token.

Can you confirm if there are any security vulnerabilities.

thanks .

Jun 08 '21 00:06 achadee

storefront-api-examples storefront-api-examples copied to clipboard

Is it secure to store API keys on the customer with unauthenticated_read_customers?

storefront-api-examples
storefront-api-examples copied to clipboard