Discussing APIs and development related to customers, discounts, and order management.
Hi
We have to make a call to the `customerAccessTokenCreate` endpoint to get a customer access token. In this call we have to pass the user email and password.
I am testing this using insomnia (Desktop API Client). I noticed we are sending the raw password to the shopify storefront API.
My question is, is there any best practice I am missing when it comes to communicating with storefront API, regarding retrieving customer access tokens? Is it safe send raw passwords over https?
Many thanks.