Iām working on a project template that uses an external API and the requisite API key. I want to make the project easily fork-able, to demonstrate in a classroom or conference setting, but I am unsure how to safely deal with this secret API key.
Does 8th Wall support .env files or project-specific secrets? Or does anyone have recommendations on how to approach secrets in public 8th Wall projects?
Hey Aidan!
Today, you need to use a back-end proxy server to protect your private API key.
A back-end proxy server acts as an intermediary between your client application and your server application. Instead of directly accessing the API from the front end, the front end sends a request to the back-end proxy server; the proxy server then retrieves the API key and makes the request to the API. Once the response is received, it removes the API key before returning the response to the front end. The Safest Way To Hide Your API Keys When Using React ā Smashing Magazine.
This issue is on our radar and I will follow up in this thread if/when there are any updates on this topic.
Let me know if you have any follow up questions and good luck!
This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.