Forum Academy Marketplace Showcase Pricing Features

How to handle api token from external service

Hi everyone.

I’ve created an app on Bubble some time ago, but just now I’m starting to worry about privacy rules and etc.
My app calls many outside APIs from others apps I own outside Bubble, and those apps have Bearer authentication, which the tokens expires every 1 hour, and I have to authenticate again.

In order to decrease the amount of requisitions, I have workflows that save the token in my database if it have already expired, but it seems to me as bad practice, since I can’t give it a privacy rule, because my users won’t have the access to the token. So the problem is that this tables handling the token is publicly visible, and, I don’t know how, but maybe someone can access it.

How can I deal with this situation? The only other option I think is to authenticate everytime I start an workflow, but will double the amount of requests I make.