Security Best Practices
Security Best Practices
Section titled “Security Best Practices”Protect your users and your revenue by following these guidelines.
API Token Security
Section titled “API Token Security”- Never expose your API token in public code or client-side apps.
- Store tokens in environment variables.
- Rotate tokens regularly from the dashboard.
Webhook Security
Section titled “Webhook Security”- Validate incoming webhook requests (e.g., with a secret or signature).
- Use HTTPS endpoints for all webhooks and callbacks.
General Recommendations
Section titled “General Recommendations”- Keep your SDK and dependencies up to date.
- Monitor your account for suspicious activity.