Currently, Luminate-hosted web pages can only access other systems (APIs) through client-side scripting. This means that the credentials for the other system appear in the client-side script in un-encrypted and in plain view. Server-side scripting would allow Luminate developers to store credentials to access outside APIs out of public view. 

Allowing scripts running on Luminate web pages access to external APIs opens up significant possibilities. For example, clients using Blackbaud CRM and LO could create scripts for LO hosted web pages to reach into CRM and display information from CRM to the logged in user. This could be used to display giving history, stored in CRM, on a LO-hosted web page.