Avoiding exposing User Data Unity / VR project

Hi there,

I am finding the documentation quite difficult to navigate, so perhaps there is an answer to this that I have overlooked (please feel free to point me in the right direction for this).

TLDR: What information does the Creator Access Token grant access to in terms of our funders/Patreons? We want to access the usernames of funders, but are worried about security and want to ensure that sensitive information could not be exploited/exposed.

The Detail:
I run a virtual museum. We want to bring user names of our patreons into a VR project, so that we can display them on a wall for visitors to see, each instance of the VR project. My understanding is that we can access this data using the Creators Access Token, but obviously this is a lot of tokens on many different devices and our concern is that a bad actor could decompile our code base and get access to the Creators Access Token - we want to avoid this, especially if the token allows access to sensitive information. We haven’t fully set up our Patreon yet, so I don’t have data to test this on and would like to get a better understanding before we start to build our solution for this.

The alternative is we create a backend on our server to manage and sanitise the data, and then pipe this through to our VR app.

Hope that makes sense. Any answers would be greatly appreciated.

What information does the Creator Access Token grant access to in terms of our funders/Patreons?

It should allow access to all your campaign members and campaign details.

so that we can display them on a wall for visitors to see, each instance of the VR project.

Make sure that you have an OAuth flow during which you state this, and also allow the users to choose to allow/disallow the appearance of their usernames in your public wall.

The alternative is we create a backend on our server to manage and sanitise the data, and then pipe this through to our VR app.

Also a good idea. But still, make sure that you display only the patrons who give consent to displaying their name in your login/auth flow.

I understand, thanks for this.

Just for the sake of clarity before we start to build out our solution (as we are new to this platform), campaign details won’t include anything such as banking information, right? We really do not want to run the risk of exposing funder banking information.

Essentially I feel that if we are distributing a series of APKs to devices each with a token/authorisation handshake going on and banking or other sensitive information was accessible via the token I would absolutely err for the server backend, as it is a single point of failure. If it isn’t accessible via the token, then we may just pull the data itself and skip the backend but include the consent aspect that you mentioned.

Hope that makes sense.

Nope.

Essentially I feel that if we are distributing a series of APKs to devices each with a token/authorisation handshake

You should not distribute the Patreon API access tokens to the installations/devices. You should have an intermediary server that issues its own tokens or licenses and distribute those tokens/licenses. This way you can limit the information that is exposed to the remote installations on your side.

Basically you can just have the remote device call your intermediary server with a license, the server can map the license to a patron in its db records, and send back a boolean to the device that says whether the patron is entitled to whatever feature.
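
A sketch of the intermediary server logic discussed in this thread, added here as an example and not code from any poster or from Patreon: the creator token stays on the server, the VR client only ever receives opted-in display names or a single boolean. The member records, field names and helper names are constructed assumptions, not the Patreon API's own schema.

```python
import hashlib
import secrets
import unicodedata

# Constructed sample of what the server holds after it (and only it) has called
# the Patreon API with the creator token. Field names are assumptions.
MEMBERS = [
    {"id": "m1", "full_name": "Ada  Lovelace\n", "email": "ada@example.com", "active": True},
    {"id": "m2", "full_name": "Bob Stone", "email": "bob@example.com", "active": True},
    {"id": "m3", "full_name": "Cy Former", "email": "cy@example.com", "active": False},
]
CONSENTED = {"m1", "m3"}  # patrons who opted in to the public wall
LICENSES = {}             # sha256(license) -> member id; raw licenses are not stored


def clean_name(raw, max_len=40):
    """Replace control/format characters, collapse whitespace, cap the length."""
    spaced = "".join(" " if unicodedata.category(c)[0] == "C" else c for c in raw)
    return " ".join(spaced.split())[:max_len]


def wall_names(members, consented):
    """What the VR client receives: names only, opt-in only, active patrons only."""
    return sorted(clean_name(m["full_name"]) for m in members
                  if m["active"] and m["id"] in consented)


def issue_license(member_id):
    """Create an opaque per-install license; it carries no Patreon credential."""
    token = secrets.token_urlsafe(32)
    LICENSES[hashlib.sha256(token.encode()).hexdigest()] = member_id
    return token


def is_entitled(license_token, members=MEMBERS):
    """Answer the device with a single boolean and nothing else."""
    member_id = LICENSES.get(hashlib.sha256(license_token.encode()).hexdigest())
    return any(m["id"] == member_id and m["active"] for m in members)


if __name__ == "__main__":
    print(wall_names(MEMBERS, CONSENTED))
    print(is_entitled(issue_license("m1")), is_entitled("not-a-license"))
```

Someone who decompiles the APK recovers at most one install's license, which can be revoked by deleting its entry on the server without touching the creator token.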