Hi everyone,
Can a Web2 frontend call canister methods directly (e.g., backend.greet() ) using @dfinity/agent , or do I need to expose them via http_request in the canister?
Follow-up questions
1 Are there security risks with this setup?
2. Do I need to whitelist my frontend domain in the canister?
3. Any working examples of Web2 frontends + ICP backends?
Your Frontend can make calls directly to your exposed canister methods.
Hello @successaje , yes you can call canister endpoints without exposing them via http request using dfinity/agent.
To do that, you create a canister actor agent using its IDL file, canister id and delegation of user (if its an authenticated call from any user otherwise not).
And then this canister actor agent instance can call any canister endpoint. You can see example of calling canister endpoint from a typescript frontend here GitHub - BoomDAO/game-launcher: A platform for discovering games, deploying game builds to smart contract canisters, creating NFT & Token collections, airdrops, payments, in-game minting & burning, configuring World smart contracts and more.
Thanks a lot @h1teshtr1path1! That makes sense now. I’ll check out the BoomDAO repo you shared. Quick question: if I want to interact with multiple canisters from the same frontend, would I just initialize multiple actor instances with their respective IDLs? I cant help but think about handling both authenticated and unauthenticated calls. Maybe when i start to hit those bugs, i will get clarity.