Hi! I have set up an API that now works as it should but I’m new to this and I’m not sure if the sensitive information is secured.
Here I have an API that sends sensitive information to a service that creates business contracts, in this particular API the user is added as a signer in the contract. Is this a safe way to do it?
In this next image I recieve a webhook when the user has signed the contract, also with sensitive information. Is this the right way to do it safe?
Hey, as i gussed , the Aggrement_ID , Email and Name … changeable ( dynamic with call) … unfortunatly there is no other way to build the call.
What i suggest, if you want these to be no visible to anyone else, call this api with backend api call.
if call this api from front-end these value will be visible from dev-tool if someone know how use dev tool.
so, what i would have done, i would make a backend api call. inside that call i have call this api call, now that this api call is being call from bubble server no one can see these values.
now the question come how you pass these values in that call. so suppose these value are inside user. you just build the backend-api call which take a user as input. also make the backend call msut authenticate, generate a token from bubble editor and call the backend with that token.
hope i have not consfues you. if you like i will walk you through the process. ping me.
