Hello everyone,
I am working with a SAPUI5 app developed on the SCP that needs to access the LMS API to retrieve data from the courses, users, etc.
I am able to recover the bearer token needed for the api calls using the encode Client Secret key, but the problem is that I got it stored on the app for now, wich is a huge security problem.
Does anyone knows how could I protect this key from external viewers? I have tried using destinations but I did not find the way to do it.
If possible, I want to avoid using a middleware to avoid large load times and architectural dependencies.
Thank you!
Gerard