Skip to main content

App Credentials


Don't have an app yet? Follow the instructions here.

Each app comes with a client ID, client secret, and signing secret.

App credentials


As the app developer, you should make sure the client secret and signing secret are not shared or commited to public repositories.

Client ID and Secret

The client ID and client secret can be used to generate a bot access token or an access token that impersonates a member. The bot access token can perform all actions that a community admin can perform. The member access token has the same permission as the impersonated member.


You can learn more about generating access token using the client ID and secret under Perform API Request section.

Signing Secret

Bettermode uses the signing secret to sign all webhook requests. This can be used on your side to confirm the requests are coming from Bettermode. You can learn more about verifying webhook requests here.


Not verifying webhook requests will let third parties misuse your webhook endpoint by faking POST requests and can be dangerous.