Pimm
commented
4 years ago Although possible, we strongly recommend you do not do this.
Calling the Mollie server from the client means the API key is communicated between the client and the Mollie server. Thereby it ends up in the hands of your users.
With your API key, anyone can make requests to Mollie on your behalf. There is no way for Mollie to distinguish valid payments coming from your app from malicious requests coming from someone who extracted your API key. They could issue refunds, or extract private information of your customers. That is a major security issue.
The secure option is to set up a Node.js server. This server will include this library, and will have access to the API key. From your Angular app, rather than calling mollieClient.payments.create directly, you'll make a request to your server and your server will in turn call mollieClient.payments.create.
Alternatively, you can set up a PHP, Ruby, or Python server instead of a Node.js one.
Can I use Mollie in angular2+(client side). As I need to setup SDK on client side. is it possible