This message was deleted.

Generating the token on the client side doesn't seem to be a secure way, you have to store the api key and secret on the client side.