What is the simplest way to hide an API key for someone without any back end knowledge?

Thanks for any help!

Since you can’t really hide an API key on client side you need a backend. Well, you could obfuscate your key on client side, but that is terrible.

For simple projects / exercises I would recommend diving into glitch.com, you can easily put your API-Key into the .env and restrict it to a certain domain via Access-Control-Allow-Origin, then fetch the API from your app. This only requires some very basic ‘express’ knowledge.

1 Like

Thanks Daniel!

I actually started diving into backend today, although I’m wondering if it’s really necessary for what I want to do.

I’m remaking my weather app for some API practice. I think I’ll try looking for APIs that don’t need a key.

For a weather app you could use https://www.metaweather.com/api/ which doesn’t require a key, but is restricted to only one request every minute. Or just stick to https://fcc-weather-api.glitch.me/ (which you probably know already :slight_smile: )

Happy coding!

1 Like