How to store APP, API keys for Ionic app securely


#1

Hi, am a newbie to the platform and have been tinkering around with the framework, its amazing and have a few questions. If I want to use API’s and need the AppSecret or my registered App Id to use these API’s where can I securely put these in an Ionic app so someone cant just see this information. I came across this post but didn’t get a good answer Ionic Forum post - Store api key
so have the following related questions

  1. Are the app keys / app Id’s stored in a database like sql lite? or another server side service that I go through to make the REST call? Any examples online of how to do this?

  2. Can anyone please give me an example or tutorial if one is available of how to secure private information in an Ionic app.

Any help towards this would be great and I appreciate the help since I’m not able to find a lot on how to secure this information. Thanks in advance!


#2

Hey there!

Pretty sure that with the recent updates to platform, you don’t need to include any information like app api keys or secrets. All of that info is kept outside of the www/ directory, and used when working with the platform commands.


#3

Hi Mike, so outside of the www/ directory is it kept…like in a resource file? I am developing on Ionic 1 so just wanted to clarify you are not referring to Ionic 2.0 right…If you have an ionic example of how the recent updates that you mentioned work and say you can make an API call like to Google Maps for example using the APP key’s from an outside file that would be great. I have seen multiple people ask the same question online about asking for suggestions on a safer place to put this information. Thanks a lot for your help!