When do I use the client-side API vs the server-side API?

Use the client-side API (forte.users.*) from browsers and mobile apps — it authenticates with the signed-in user's session cookie and is scoped to that one user. Use the server-side API (forte.projects.*) from your backend — it authenticates with FORTE_API_TOKEN and acts as the project owner: admin user management, payments on behalf of any user, logs and metrics.

Rule of thumb: if the credential lives in a browser, it's client-side; if it lives in a server environment variable, it's server-side.

Read more about this in the documentation

Related questions

Still need help?

If this didn't answer your question, our team is one message away.

Contact support