Data Quality user documentation | Securing your token

Securing your token is very important: if you don't, there's the risk of unauthorized parties using your licensed products, which you may be charged for.

One of the easiest and most effective ways to secure your tokens is to periodically change them, just like you do with your passwords.

You can take additional steps to secure your tokens:

Specify CORS origin domains. By doing this, you make sure that only the API requests made from the domains you've specified are allowed.
Specify permitted URLs. By doing this, you make sure that only API requests made from the URLs you've specified are allowed.
Whitelist IPs/IP ranges. By doing this, you make sure that only API requests made from the IPs/IP ranges you've specified are allowed.

For even greater security, we would advise against storing your token in a client-side JavaScript application and making direct API calls from there. Instead, we recommend making a secure call to your own back-end and then let your server-side application make the API call on behalf of your front-end, before returning the response to your client-side app. In this way your API credentials are secured.

Was this helpful?

Previous: Creating tokens

Next: Token FAQs

Self Service Portal

Tokens

Next topic:
What type of reports can I create
Previous topic:
What are notifications