I am using Mapbox to create a new widget and add it as an add-on. I noticed that by placing the entire source code in the /plugins directory (including the file containing environment variables - config.js), anyone can access my token and source code. How can I prevent this from happening?
ducnv_resolve Greetings
As it is all happening on front-end side, there are not much way of hiding the token, and in any case it will be possible to see it on a debugger on Mapbox related methods.
What you can try is to whitelist Sisense URL for that token to make it non-usable outside Sisense and therefore there will be no need to hide it.
Please check the article and let me know if you have any questions.
https://docs.mapbox.com/accounts/guides/tokens/#:~:text=You%20can%20make%20your%20access,from%20the%20URLs%20you%20specify
Best regards,
Hello ducnv_resolve,
Thank you for reaching out here. I see that this question hasn't had a response yet, so I am reaching out internally to try and get you an answer.
Hello ducnv_resolve,
I’m following up to see if the solution offered by worked for you.
If so, please click the 'Accept as Solution' button on the appropriate post, that way other users with the same questions can find the answer. If not, please let us know so that we can continue to help.
Thank you.
