On my site I use the Facebook API, via ACCESS_TOKEN
. This 'key' of access to everything that the corresponding application can provide, that is, it is not feasible to leave it public. In view of this, I would like to know the best way to 'hide' this key.
Here is part of the code for the question:
var endereco = "https://graph.facebook.com/"+ page_id +"/posts?access_token="+ token +"&limit=15";
$.getJSON(endereco, function(data) {
//função
});