Hiding api key #57070
Replies: 5 comments 7 replies
-
create a .env file. put your keys there. use some libraries (example: python-dotenv has load_dotenv) to automatically load in the params. Then use something like os.get to pick it up. then you can hideyour .env by adding .env in your .gitignore |
Beta Was this translation helpful? Give feedback.
-
To ensure the security of your API key when publishing your website on GitHub, follow these steps:
3.Create a .env.example file: This file will act as a reference template for others working on your project. It should include a list of required environment variables without their values. For instance: API_KEY= Protect the .env file: To prevent the .env file from being committed to the GitHub repository, add it to the .gitignore file. This ensures that the file remains local and secure on your machine. Commit and push your changes: Remember to include the updated .gitignore file and any other modifications in your commit, then push your code to GitHub. |
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
-
You can store and retrieve your API key from an environment variable. ie. Set your API key in an environment variable on the machine hosting your website then write your code in such a way that it reads the API key from the environment variable. |
Beta Was this translation helpful? Give feedback.
-
If you mean GitHub Pages, you can't. It's only for static sites (nothing that runs on the server), so everything you publish there is available to clients. If you just want to show your code to the world, make sure to load the API key from a separate file, and don't commit that file (and add it to |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question
Body
Hi,
I have coded a website and want to publish it on github. I have confusion how can I keep the API key hided. Can anyone please help..
Beta Was this translation helpful? Give feedback.
All reactions