Api key showed at Page source

LionCity
Visitor
1 0 0

Hi,

how to hide or encrypt the integrated third party API key from front end due anyone can simply view the API key from the page source.

We need to secure the API key from the website to prevent the important information leaks.

 

Capture.PNG

 

Reply 1 (1)

Gregarican
Shopify Partner
1033 86 287

We ran into the same concern when we were working through things. I would suggest deploying an app proxy --> https://shopify.dev/tutorials/display-data-on-an-online-store-with-an-application-proxy-app-extensio.... This would then pass off the call securely to your middleman, who would then it turn make the third-party API call. And return the results back to the front-end user session.