@Mark_Wonsil recently introduced me to the concept of Backend For Frontend (BFF). I want to learn more about this and how to implement this methodology into Epicor when using third-party APIs. That is, I don’t want to expose my authorization credentials in any way.
From what others have said, I believe I need to implement my own API that somehow stores my secure credentials to access my third-party API. What I don’t understand is that this just adds another API in the chain. I will have to put in my credentials for the new API into Epicor somewhere to allow it to pull down the creds for my third-party API. Adding layers of APIs surely isn’t the answer.
I think that I am missing something critical here.
Do I have to write my own API to securely use a third-party API with Epicor?
If so, what do I use to write the API and are there any examples to get me started?
If I don’t have to write an API, then there must be one out there I can use (for free)?
How does adding another API call protect the credentials?
Thanks for your time and patience!