Is there a way to secure an API key on a frontend page?

前端 未结 5 897
星月不相逢
星月不相逢 2021-02-05 09:33

My service allow any HTML documents to be converted to PDF using a POST request. It is mostly used on the backend of my client\'s server and thus, the API key used for the commu

5条回答
  •  青春惊慌失措
    2021-02-05 10:18

    Hashing is a decent option and should be done anyway, but for a fully secure method that wouldn't add too much complexity, you could simply abstract away from the authorization/API key by building your own API to interface with the API. This way you could both limit the kinds of things that can be done with the API key and also completely obscure the API key from the user

提交回复
热议问题