Api key showed at Page source

LionCity
New Member
1 0 0

Hi,

how to hide or encrypt the integrated third party API key from front end due anyone can simply view the API key from the page source.

We need to secure the API key from the website to prevent the important information leaks.

 

Capture.PNG

 

0 Likes
Greg_Kujawa
Shopify Partner
1016 83 237

We ran into the same concern when we were working through things. I would suggest deploying an app proxy --> https://shopify.dev/tutorials/display-data-on-an-online-store-with-an-application-proxy-app-extensio.... This would then pass off the call securely to your middleman, who would then it turn make the third-party API call. And return the results back to the front-end user session.  

0 Likes