I tried searching for an issue similar to mine but nothing came up.
I’m trying to use the GF V2 REST API but something came up while I was exploring it.
This is going to be used in a headless WordPress project, where the frontend will be built using a React framework (Frontity). I want to use Gravity Forms as my forms solutions so I need to use its API.
I’m trying to figure out a way of hiding the client-side Consumer Key and Consumer Secret. My main concern is that with the credentials that have write permissions (the ones I have to use to submit the entries) someone can use those same credentials do delete entries.
Am I missing something? Any best practices that I should be aware of?