Backendless Support
 
Solved

how to protect my JS_SECRET_KEY ?

hi all i am using backendless for my angular js app and for that i used JS_SECRET_KEY ,

when i load my app on browser obviously it will load all js file on browser site so it is not secure .

so, i want to make it secure and want to hide JS_SECRET_KEY from public so how should i do?

Leave a Comment

Comments (3)

photo
1

Hi Bhavesh,

The secret key is not supposed to be secret, this is just a bad naming and it will be renamed to API key in version 4.

You should use permissions to secure your app.

photo
1

hi Sergey

at hear we get secret key https://develop.backendless.com/#Scaniapp/v1/main/manage/settings i am using this key in my js file and that js file will visible for all so, i want to make it secret .

photo
2

You cannot make it totally secret, the only thing which might help a bit is to obfuscate your code.

As I said, you should not rely on making the secret key hard to find in order to secure your app. Set up correct permissions for users instead.

photo