Hello bubblers,
For my website I’m using a Oauth Token that I have to refresh every 24 hour. I was wondering if my way of handling the token is secure, since I store it in bubble’s database.
Here is my process so far :
- Run a recurring backend workflow that generates a new Auth token every day
- Store the token in the database
- Use the token in the Authorization Header of a repeating group that is visible on my website
Is there anyway that someone could access the token since the datatype ‘token’ has no privacy rules defined ?
I tried defining privacy rules on the ‘token’ type, but then the repeating group’s Data source won’t show to visitors on my website.