Comment on Commoditising and democratising investment technology

Ishwar M. commented on 24 Jan 2016, 12:43 PM

Ok, fine. Now, going with the approach of maintaining the secret key on the backend server, I have the below question:

Once login is complete and the backend server gets the access_token based on the secret key, can this access_token be sent to the client app for use in subsequent requests directly from the app to Kite Connect? Or should the access_token be only on the backend server, and all subsequent requests from the app also need to be routed through the server to Kite Connect?

View the full comment thread »