Home/ Questions/Q 6668255
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T03:01:19+00:00

I am very new to jquery and javascript, hence this query(Please dont mind if

  • 0

I am very new to jquery and javascript, hence this query(Please dont mind if it sounds too dumb 🙁 )…

I have seen some libraries in javascript, that clearly mention that if the javascript version of that library is used, then the end user will have access to login credentials/password being used… Does this mean that if I want to call on an API that gives out JSON data (for example), then I cannot use jquery at all? Is it possible to use jquery for authenticating into a service or API, without exposing login credentials to the end user?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I have seen some libraries in javascript, that clearly mention that if
    the javascript version of that library is used, then the end user will
    have access to login credentials/password being used…

    Yes that is true. The end user (browsers) can see everything that is “in” the browser. Hence , you can use javascript to sniff for whatever you wanted to find.
    But hey, if you’re a good programmer, would you send some login credentials/password to the end user? Would you not want it just in the server?

    Does this mean that if I want to call on an API that gives out JSON
    data (for example), then I cannot use jquery at all?

    No! Of course you can use jQuery. I would not care if you include some login credentials/password in JSON data. But if I were you, sure thing, I would not do that. There are some techniques so that your data (on a web app or something) can be secured and yet still use jQuery.

    Is it possible to use jquery for authenticating into a service or API,
    without exposing login credentials to the end user?

    Yes! Of course.

    jQuery is a client side script (a javascript library ), it can see what the browser have. If your server side script would not send some login credentials/password in the user end, then you would not have problems. Hence, jQuery is not the problem.

    comment answers:

    can i authenticate with server side code, and only after that call
    on an API using jquery (so that the server side code handles password
    etc while client side code invokes that api only after successful
    authentication) Specifically can I do something like this to
    authenticate using java/jsp, and then call on the api using jquery?
    (This is a probable scenario for me)

    Yes! Example:

    User wants to use functionality A. Before anyone can use A, a user must have good credentials (for example logged in).

    Now, here’s a not logged in user, trying to use A. jQuery talked to the server. Now server checked if user is logged in. Server will deny the request.

    You might asked, “How did the server know that the user was not logged in?”. Well, that depends on your server side script.

    Just picture this one out in your mind. jQuery is just like an invisible browser that is making your page request to the server.

    note: I know that we are talking about jQuery here. But the technique/technology is referred to as AJAX. There are also other javascript libraries that can do this. Even just javascript will do.

    You mentioned techniques to secure data+use jquery- pls point me to
    good resources on those…

    Sorry, I can’t recommend any. But just keep in mind, it is just like a page without the use of ajax. Accessing/viewing a page that needs credentials, you will have to check for some sessions or database data right?. Same goes when using ajax.

    hmmm this link may give you some idea.
    http://www.roseindia.net/tutorial/jquery/loginValidation.html

    Sorry if I’m not good on explaining things. Anyway, cheers!

    • 0