Next.js & External API without Proxying requests through Next.js backend

Hello @felix3! Welcome to the community.

This is safe because the Next.js SDK is used for Regular Web App (RWA), which are private clients and can securely store secrets, specifically the client_secret. This is completely safe.

We do recommend short lived access tokens, but be cautious of hitting rate limits. It is possible to cache API Access Tokens which I’ll link here: Caching Management API Access Tokens in Login Action. This can help with using the same token instead of always getting a new one and can be done using actions.

Here are some more docs that may help:

Get Management API Access Tokens for Production

I hope this helps!

Best,
Alex

1 Like