Keep your tokens secure

Tokens provide access to the API based on their scopes. Secret tokens should never be shared publicly or committed to version control. Public tokens are domain-restricted for client-side use.