Home > front end >  Where should I store the API Key that I generate for all my client app
Where should I store the API Key that I generate for all my client app

Time:01-13

I have 3 Frontend App that point to one API(express). Currently I generated 3 unique keys for each app for me to validate the api call from the frontend app. Since it rarely change, is it okay if i store as json file in api server?

Currently, it got store as text. I wondering if i need to encrypt it?

CodePudding user response:

Storing the keys in a JSON file on the API server would be a reasonable approach, as long as the server is secured and the file is not accessible to unauthorized users. However, it would be more secure to store the keys in a secure location, such as an environment variable or a secure key management service, to minimize the risk of the keys being compromised. Additionally, you should consider rotating the keys regularly to further enhance security.

  • Related