Api key showed at Page source

1 0 0


how to hide or encrypt the integrated third party API key from front end due anyone can simply view the API key from the page source.

We need to secure the API key from the website to prevent the important information leaks.




Reply 1 (1)

Shopify Partner
1033 86 287

We ran into the same concern when we were working through things. I would suggest deploying an app proxy --> https://shopify.dev/tutorials/display-data-on-an-online-store-with-an-application-proxy-app-extensio.... This would then pass off the call securely to your middleman, who would then it turn make the third-party API call. And return the results back to the front-end user session.