Hiding API keys

Hiding API keys
0

#1

I know how to do this for Node and Heroku but how about an ordinary bit of Javascript hosted on my own hosting.
Or even codepen?


#2

Unfortunately, there’s no way of hiding code that gets run in the browser.


#3

Unfortunately, you cannot hide on the client side.

However, what you can do is set an AJAX request to get the API key from your server. I believe this is the only way to hide API keys on the client-side.


#4

Hi,

if you are working on the weather app, there is not really a good way to hide the key. It is a known problem. When you want to use a weather api, use one where nothing happens when you publish the key. For example …after xxxx calls the api is not working anymore. for this day/week/month. .There are some apis where you must pay after xxxx calls automatically, you should not use them for codepen… of course!


#5

Yes, I was thinking hiding them in a database is what most systems will do.
I don’t expect too much traffic so I’ll not worry about if for now. :blush: