Hi guys,



in order to access my kinvey account from web, I put in config.js file like below:



var config = {



kinvey : {



app : {



key : 'kid_123123123',



secret : '66a1111f62233445502833'



}



}



};



and init it in every js file like below:



var promise = Kinvey.init({

appKey : config.kinvey.app.key,

appSecret : config.kinvey.app.secret

});



if a person get my key and secret then he will be able to do CRUD from my kinvey database.

any solution to this?



Cheers,

Mark

See http://devcenter.kinvey.com/rest/guides/security#credentials

Does that answer your question?

I downloaded Related Samples (http://devcenter.kinvey.com/html5/samples/pay-it-forward#) and see they store kinvey app key and secret in js file.