amazon-archives / aws-cognito-angular-quickstart

An Angular(v5)-based QuickStart single-page app utilizing Amazon Cognito, S3, and DynamoDB (Serverless architecture)
https://cognito.budilov.com
Apache License 2.0

How secure is this solution? #150

Open blaataap opened 5 years ago

blaataap commented 5 years ago

So I have implemented this quickstart, but I'm wondering how secure this is? For example, all client IDs are exposed client-side. Next to that, I was able to log in using the access_tokens from localStorage. Just by copying and pasting the localStorage, I was able to log in on a different browser/computer.

Is this just as designed or should this never be used in production/publicly?
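
To see what the behaviour described in this issue exposes, the following added example (not part of the issue or of the quickstart's own code) inventories the Cognito tokens held in a Storage-like object and reports how long each one remains valid. It runs under Node.js and assumes the `CognitoIdentityServiceProvider.<clientId>.<username>.<tokenType>` key layout used by amazon-cognito-identity-js; the helper names, client ID, user and tokens are constructed for illustration.

```javascript
// Added example: inventory Cognito tokens in a Storage-like object (audit only).
// Assumed key layout: CognitoIdentityServiceProvider.<clientId>.<username>.<tokenType>
const KEY_RE = /^CognitoIdentityServiceProvider\.([^.]+)\.(.+)\.(accessToken|idToken|refreshToken)$/;

// Decode a JWT payload (base64url JSON). The signature is not verified here.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  try {
    return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
  } catch (err) { return null; }
}

// Return one finding per stored token; secondsLeft is null when no exp claim is readable.
function auditCognitoStorage(storage, nowSec) {
  const findings = [];
  for (let i = 0; i < storage.length; i++) {
    const key = storage.key(i);
    const m = KEY_RE.exec(key);
    if (!m) continue; // unrelated application data
    const [, clientId, username, kind] = m;
    // Refresh tokens are treated as opaque: their lifetime is enforced server-side.
    const claims = kind === 'refreshToken' ? null : decodeJwtPayload(storage.getItem(key));
    const secondsLeft = claims && typeof claims.exp === 'number' ? claims.exp - nowSec : null;
    findings.push({ clientId, username, kind, secondsLeft,
      expired: secondsLeft === null ? null : secondsLeft <= 0 });
  }
  return findings;
}

// Constructed sample data below: not real tokens, client ID or user.
function fakeJwt(payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'none' })}.${enc(payload)}.constructed`;
}
function fakeStorage(obj) {
  const keys = Object.keys(obj);
  return { length: keys.length, key: (i) => keys[i], getItem: (k) => obj[k] };
}
const NOW = 1700000000;
const P = 'CognitoIdentityServiceProvider.EXAMPLECLIENTID.alice@example.com.';
const sample = fakeStorage({
  [P + 'accessToken']: fakeJwt({ token_use: 'access', exp: NOW + 3600 }),
  [P + 'idToken']: fakeJwt({ token_use: 'id', exp: NOW - 60 }),
  [P + 'refreshToken']: 'constructed-opaque-value',
  theme: 'dark',
});
console.table(auditCognitoStorage(sample, NOW));
```
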