Client Secret Keys are exposed on client side

[johnnyperdomo]

Is there a way to generate a temporary access token to give grant access to api for a limited time? Like a presigned url that awsS3 provides?

I need to be able to upload videos from my application with the client sdk, but don't want to risk exposing my secret keys. Is there a solution for this?

[Virako]

Maybe with setAccessToken (https://github.com/vimeo/vimeo.js/blob/master/lib/vimeo.js#L282) you can edit the token obtain from server side

[unicornsoftwareinc]

Curious if you ever found a solution for this? I'm running into the same issue.