reactjs - How do I hide API key in create-react-app?

Question

Welcome To Ask or Share your Answers For Others

reactjs - How do I hide API key in create-react-app?

1 Reply

深蓝 · Answer 1 · 2021-10-16T22:33:17+0000

Unfortunately, keeping any key in your React client, even if you are using gitignore and an .env file, is not secure. As pointed out by @ClaudiuCreanga, React environment variables are embedded in the build and are publicly accessible.

You should really only save API keys or secrets in your backend such as Node / Express. You can have your client send a request to your backend API, which can then make the actual API call with the API key and send the data back to your client.

Categories

reactjs - How do I hide API key in create-react-app?

reactjs - How do I hide API key in create-react-app?

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags