Documentation Needs

I suggest that your post here be added to the docs so people have a better understanding of spark core security implimentation. Especially the part that placing access_token in a webpage on the internet is not secure.

Thanks,

Bobby