Skip to content
This repository has been archived by the owner on Jul 8, 2020. It is now read-only.

Is it a safe/secure way to store SECRET KEYS ? #61

Open
Gorbus opened this issue May 30, 2019 · 2 comments
Open

Is it a safe/secure way to store SECRET KEYS ? #61

Gorbus opened this issue May 30, 2019 · 2 comments

Comments

@Gorbus
Copy link

Gorbus commented May 30, 2019

Hi,

I am using Expo for an app without backend but where I need to use some API SECRET KEYS (such as google places, sendgrid, etc...)

Is this package a safe solution to store these keys ? Are they fully secured while app is in production ?

I am not sure I understand fully the scope of the package. Thanks for clarification.
@jamonholmgren
Copy link

Short answer: no, this isn't secure or safe.

Long answer: there isn't really a way at all. https://medium.com/poka-techblog/the-best-way-to-store-secrets-in-your-app-is-not-to-store-secrets-in-your-app-308a6807d3ed

@klaaz0r
Copy link

klaaz0r commented Feb 3, 2020

Your app is a client and a client should never store any secret

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jamonholmgren @klaaz0r @Gorbus