Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

AsnCode's avatar

[inertia.js] access_token need to be visible !?

Hello i use mapbox for showing a small map box in a laravel-vue inertia app. in my .ENV i have : MAPBOX_API=XXXXXXXX

i pass this access_token through:

return Inertia::render('Capsules/Show', [
            'capsule' => $capsule,
            'registered' => auth()->user()?->capsules->contains($capsule),
            'api_mapbox' => env('MAPBOX_API')
        ]);

<a class="mapbox-improve-map" href="https://apps.mapbox.com/feedback/?owner=mapbox&amp;id=streets-v12&amp;access_token=XXXXXXXXXXXXXXXXXX#/1.927/47.9108/10" target="_blank" aria-label="Map feedback" rel="noopener nofollow">Improve this map</a>

but my access_token is visible in front-end ... any method to continue using my map but with hiding this info ? thanks you

0 likes
2 replies
MirkoTdi's avatar

If you want to use this token in the front-end, the token is always visible, but you can create a route with a method in which you redirect the user with the correct token to the correct url

Please or to participate in this conversation.