How to secure my external api’s client-secret and access-token.

  • Hi,

    I want to use an external api on my wordpress site so I created a plugin and tries to fetch the api in the php code.
    I also have an Access-Token combined with a Client-Secret that is unique for my application and connects to the api that I have. But I want to secure the access-token and the client-secret in my header. Is that possible, and how?

Viewing 1 replies (of 1 total)
  • Moderator bcworkz

    (@bcworkz)

    The headers sent with a HTTPS request to the API from your server, not the headers sent to or from the client browser, right? As long as the request is sent over HTTPS, the data is secure. I recommend using either the WP_Http class or cURL to send requests, but any request method sent over HTTPS will be secure.

Viewing 1 replies (of 1 total)
  • The topic ‘How to secure my external api’s client-secret and access-token.’ is closed to new replies.