Best Practices

Security

• Protect SharedId: Never expose SharedId in logs or error messages
• Validate All Inputs: Validate all request data before processing
• Use HTTPS: Always use HTTPS for API communication
• Token Expiration: Respect JWT token expiration times
• Signature Validation: Always validate request signatures
• Error Messages: Don't expose sensitive information in error messages
• Rate Limiting: Implement rate limiting to prevent abuse